850 matches found
CVE-2026-45856
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the ibuverbspostsend function. A local user can exploit this vulnerability by providing an invalid work queue element size wqesize from userspace without proper validation. This can lead to an...
CVE-2026-45856
The CVE-2026-45856 issue affects the Linux kernel's RDMA/uverbs subsystem, specifically ib_uverbs_post_send. The vulnerability arises when cmd.wqe_size from userspace is not validated before kmalloc and using the allocated memory as struct ib_uverbs_send_wr, allowing an out-of-bounds read of kern...
PT-2026-43723
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqe size before using it in ib uverbs post send ib uverbs post send uses cmd.wqe size from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ib uverbs sen...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Fixed an issue where the kernel could be exposed after free operation in skbdatagramiter. The syzbot reported the following issue with uninitialized value access 1: netlinktofullskb creates a new skb and sets skb-data...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actskbmod: prevent kernel-infoleak The syzbot discovered that tcfskbmoddump was copying four bytes from the kernel stack to user space 1. The issue here is that ‘struct tcskbmod’ has a four-byte hole. We need to cle...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: dosysnametohandle: The use of kzalloc instead of kmalloc was identified as a vulnerability that exposes the kernel to attacks. The syzbot identified a vulnerability in the dosysnametohandle function, and reported the following...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A use-after-free flaw was discovered in xgenehwmonremove in drivers/hwmon/xgene-hwmon.c within the Hardware Monitoring Linux Kernel Driver xgene-hwmon. This flaw could allow a local attacker to cause the system to crash due to a race condition. This vulnerability could even lead to a situation...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A use-after-free vulnerability was discovered in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c within the SCSI sub-component of the Linux kernel. This flaw allows an attacker to access internal kernel information...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iwpoint struct iwpoint has a 32bit hole on 64bit arches. struct iwpoint void user pointer; / Pointer to the data in user space / u16 length; / number of fields or size in bytes / u16 flags;...
Astra Linux - уязвимость в linux, linux-5.10
A use-after-free read flaw was discovered in the sockgetsockopt function in net/core/sock.c, due to race conditions involving SOPEERCRED and SOPEERGROUPS functions when used with listen and connect in the Linux kernel. In this flaw, an attacker with user privileges could potentially crash the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...
Astra Linux - уязвимость в linux, linux-5.10
A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c within the Linux kernel. This flaw allows a local attacker with special user privileges CAPSYSADMIN or CAPSYSRAWIO to cause confidentiality issues...
Astra Linux - уязвимость в linux
In the pfkeydump of afkey.c, there is a potential out-of-bounds read due to a missing bounds check. This could lead to the disclosure of local information within the kernel, which requires System execution privileges. User interaction is not required for exploitation. Product: Android. Versions:...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
A use-after-free flaw was discovered in vhostnetsetbackend in drivers/vhost/net.c within the virtio network subcomponent of the Linux kernel, due to a double fget operation. This flaw could allow a local attacker to cause the system to crash, and could even lead to a kernel information leak issue...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free flaw was discovered in r592remove in drivers/memstick/host/r592.c, responsible for media access in the Linux kernel. This flaw allows a local attacker to crash the system upon device disconnection, potentially leading to a kernel information leak...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed an information leak in btrfsioctllogicaltoino. Syzbot reported the following information leaks related to btrfsioctllogicaltoino: - BUG: KMSAN: A kernel-infoleak exists in instrumentcopytouser from...
Astra Linux - уязвимость в linux-5.10
A flaw was discovered in btrfsgetrootref in fs/btrfs/disk-io.c within the btrfs filesystem of the Linux kernel, due to a double decrement of the reference count. This issue may allow a local attacker with user privileges to crash the system or may lead to the leakage of internal kernel informatio...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A out-of-bounds memory access flaw was discovered in the Linux kernel, specifically in the relayfilereadstartpos function within kernel/relay.c in relayfs. This flaw could allow a local attacker to crash the system or leak internal kernel information...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...