Advisory ROSA-SA-2026-3291

software: kernel-5.10 5.10.244 WASP: ROSA-CHROME unaffected versions = kernel-5.10-5.10.244-4 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tipc: Fixed null-ptr-deref when acquiring the remote IP address for the Ethernet bearer. Reproduction steps: 1. Create a tun interface. 2. Enable the L2 bearer. 3. Use TIPCNLUDPGETREMOTEIP with a media name set to “tun”. Tipc:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL when memory allocation fails. However, the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL chec...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear the FFR context field in streaming SVE mode. The FFR is a predicate register whose size can range from 16 to 256 bits, depending on the configured vector length. When saving the SVE state in streami...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Rejects attempts to synchronize VMSA of a vCPU that has already been launched/encrypted. Synchronize the vCPU state with its associated VMSA if the vCPU has already been launched, that is, if the VMSA has already been...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed memory leaks in mpi3mrinitioc. Do not allocate memory again when the IOC is being reinitialized...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use the appropriate destructor for IPv6. Previously, only the destructor from the TCP request sock in IPv4 was called, even if the subflow was IPv6. It is important to use the correct destructor to avoid memory leaks with...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb-len The packet length retrieved from the descriptor may be larger than the actual socket buffer length. In such cases, the cloned skb passed up the network stack may leak kernel memo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: swap: check for stable address space before operating on the VMA It is possible to encounter a zero entry while traversing the vmas in unusemm called from the swapoff path. Accessing this zero entry can result in an OOPS erro...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent. If the controller is not marked as cache coherent, then the kernel will try to ensure coherence during DMA operations, which may lead to data corruption. Therefore...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Added a NULL check for “date-evtskb”. Fixed crashes due to NULL pointers. 6104.969662 BUG: NULL pointer dereferencing in the kernel; address: 00000000000000c8 6104.969667 PF: Supervisor read access in kernel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fixed a race condition between searching chunks and releasing the journalhead from the bufferhead. A race condition was encountered between ocfs2testbgbitallocatable and jbd2journalputjournalhead, resulting in the followin...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate sufficient space for GMU registers In commit 142639a52a01 “drm/msm/a6xx: fix crashstate capture for A650”, we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we did not change the...

Astra Linux - уязвимость в linux, linux-5.10

In various setup methods of the USB gadget subsystem, there is a possibility of unauthorized writing due to an incorrect flag check. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation. Product...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: This issue prevents UBSAN errors occurring in truesectorsperclst. The syzbot reported the following UBSAN error: 76.901829 T6677 ================================================================================ 76.903908...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ath11k: Disable spectral scan during spectral deinit When ath11k modules are removed using rmmod with spectral scan enabled, crashes occur. Different crash traces are observed for each crash. Send a WMI command to disable spectra...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the NULL pointer issue in bufferfuncs. If SDMA block is not enabled, bufferfuncs will not be initialized. Fixing this issue ensures that the NULL pointer issue is addressed when bufferfuncs is not initialized...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed null-ptr-deref in jfsioctrim Syzkaller Report Oops: General Protection Fault, likely for non-canonical addresses 0xdffffc0000000087: 0000 1 KASAN: null-ptr-deref in range 0x0000000000000438-0x000000000000043f CPU: 2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: The platformgetirqbyname function returns an integer. If an error occurs, platformgetirqbyname will return a negative value. Therefore, this value should be checked instead of being passed directly into...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around user-unixinflight. user-unixinflight is updated under spinlockunixgclock, but toomanyunixfds accesses it without locking it. We need to annotate the write/read accesses to user-unixinflight. BU...