143 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed a leak of the rxgk context in rxgkverifyresponse. Fixed rxgkverifyresponse to clean up the rxgk context it creates...
EUVD-2026-32785
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: always decrease sk refcount When an ADDADDR is retransmitted, the sk is held in skresettimer. It should then be released in all cases at the end. Some unlikely checks were returning directly instead of...
SUSE CVE-2026-45925
In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanup attribute to automatically release the node and fix the leak. rjw:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: selinux: Fixed a memory leak in the securityreadstatekernel function. In this function, it directly returns the result of securityreadpolicy without freeing the allocated memory in data. This causes a memory leak issue. Therefore...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: Avoid scanning potential huge holes. When using devmrequestfreememregion and devmmemremappages to add ZONEDEVICE memory, if the end PFN of the requested free memory region is huge e.g., 0x400000000, the nodeendpfn wi...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In 64-bit versions of the Linux kernel, Copyfromuser does not implement uaccessbeginnospec, which allows a user to bypass the “accessok” check and pass a kernel pointer to copyfromuser. This would enable an attacker to leak sensitive information. We recommend upgrading beyond commit...
CVE-2026-43451
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
CVE-2026-43396
In the Linux kernel, the vulnerability CVE-2026-43396 is in the drm/xe/sync path. When dma_fence_chain_alloc() fails, the user fence reference is not released, causing a memory leak. Documented across multiple sources (Red Hat, SUSE, Ubuntu, Debian OSV entries, and NVD), the issue is fixed by the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: inetdiag: fixed a kernel-infoleak issue for UDP sockets KMSAN reported a kernel-infoleak issue 1 that could be exploited by unprivileged users. After analysis, it turned out that UDP was not initializing r-idiagexpires. Other...
Astra Linux - уязвимость в linux
An out-of-bounds memory access flaw was discovered in the x25bind function in the net/x25/afx25.c file within the Linux kernel version v5.12-rc5. A failure in the bounds check allows a local attacker with a user account on the system to access out-of-bounds memory, resulting in a system crash or...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: common: Fixed a refcount leak in parsedailinkinfo. Added calls to ofnodeput before the returns from ofnodeget and ofnodeput, which can prevent imbalance if the “foreachavailablechildofnode” loop terminates earl...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed a memory leak in kfdmemdmamapuserptr. If the number of pages from the userptr BO differs from the SG BO, then the allocated memory for the SG table does not get freed before returning – leading to an EINVAL erro...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fixed a memory leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory. kvmdevice-destroy seems to be supposed to free up the kvmdevice structure, but kvmipidestroy does not do this currently...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubifs: A memory leak has been fixed in the dorename function. When renaming a file in an encrypted directory, the function fscryptsetupfilename allocates memory for a file name. This name is never used, and before returning to th...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A use-after-free flaw was discovered in btrfssearchslot in fs/btrfs/ctree.c within btrfs in the Linux Kernel. This flaw allows an attacker to crash the system and potentially cause a kernel information leak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: A leak was fixed in mapuserpages. If getuserpagesfast allocates some pages, but not as many as we wanted, then the current code causes those pages to be leaked. Call putpage on the pages before returning...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw was discovered in the Linux kernel. A NULL pointer dereference may occur when the slip driver is in progress to detach at sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...
Linux Distros Unpatched Vulnerability : CVE-2026-31632
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix leak of rxgk context in rxgkverifyresponse Fix rxgkverifyresponse to clean up the rxgk context it creates. CVE-2026-31632 Note that Nessus relies on...
CVE-2026-31653
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeatcallcontrol if damoncall fails damoncall for repeatcallcontrol of DAMONSYSFS could fail if somehow the kdamond is stopped before the damoncall. It could happen, for example, when te damon context was...
CVE-2026-31610
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks incrementally as it walks the input. When ksmbddecodenegTokenInit reaches the mechToken 2 OCTET STRING...