870 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: wifi: Avoid exposing kernel data to user space through struct iwpoint struct iwpoint contains a 32-bit field on 64-bit architectures. c struct iwpoint void user pointer; / Pointer to the data in user space / u16 length; / Number ...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak. This issue was fixed by using the syzbot tool to detect the KMSAN kernel-infoleak. The variable ‘opt’ in tcfifedump was partially initialized using a...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
Astra Linux – Vulnerability in Linux
In the pfkeydump of afkey.c, there is a potential out-of-bounds read due to a missing bounds check. This could lead to the disclosure of local information within the kernel, which requires System execution privileges. User interaction is not required for exploitation. Product: Android. Versions:...
Astra Linux – Vulnerability in Linux, Linux 5.10
A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c within the Linux kernel. This flaw allows a local attacker with special user privileges CAPSYSADMIN or CAPSYSRAWIO to cause confidentiality issues...
Astra Linux – Vulnerability in Linux, Linux 5.10
A use-after-free read flaw was discovered in the sockgetsockopt function in net/core/sock.c, due to race conditions involving SOPEERCRED and SOPEERGROUPS functions when used with listen and connect in the Linux kernel. In this flaw, an attacker with user privileges could potentially crash the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A use-after-free flaw was discovered in vhostnetsetbackend in drivers/vhost/net.c within the virtio network subcomponent of the Linux kernel, due to a double fget operation. This flaw could allow a local attacker to cause the system to crash, and could even lead to a kernel information leak issue...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A use-after-free flaw was discovered in xgenehwmonremove in drivers/hwmon/xgene-hwmon.c within the Hardware Monitoring Linux Kernel Driver xgene-hwmon. This flaw could allow a local attacker to cause the system to crash due to a race condition. This vulnerability could even lead to a situation...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A out-of-bounds memory access flaw was discovered in the Linux kernel, specifically in the relayfilereadstartpos function within kernel/relay.c in relayfs. This flaw could allow a local attacker to crash the system or leak internal kernel information...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A use-after-free flaw was discovered in r592remove in drivers/memstick/host/r592.c, responsible for media access in the Linux kernel. This flaw allows a local attacker to crash the system upon device disconnection, potentially leading to a kernel information leak...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: kzalloc was used to fix a kernel-infoleak vulnerability. The syzbot identified a kernel information leak vulnerability in dosysnametohandle. A report was issued regarding this issue 1. 1 “BUG: KMSAN:...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A use-after-free vulnerability was discovered in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c within the SCSI sub-component of the Linux kernel. This flaw allows an attacker to access internal kernel information...
Astra Linux - Vulnerability in linux-5.10
A vulnerability was discovered in the btrfsgetrootref function in fs/btrfs/disk-io.c within the Btrfs filesystem of the Linux kernel, caused by a double decrement of the reference count. This issue could allow a local attacker with user privileges to crash the system or lead to the disclosure of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed an information leak in btrfsioctllogicaltoino. Syzbot reported the following information leaks related to btrfsioctllogicaltoino: - BUG: KMSAN: A kernel-infoleak exists in instrumentcopytouser from...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
CVE-2026-45856
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the ibuverbspostsend function. A local user can exploit this vulnerability by providing an invalid work queue element size wqesize from userspace without proper validation. This can lead to an...