Linux Distros Unpatched Vulnerability : CVE-2026-46155

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early,...

USN-8373-1 linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

EUVD-2026-33956

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

CVE-2026-46155

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

UBUNTU-CVE-2026-45939

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in niusbinit In niusbinit, if niusbsetupinit fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, niusbsetupinit returns 0 on failure, whic...

CVE-2026-45947 drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...

CVE-2026-45856 RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

Linux Distros Unpatched Vulnerability : CVE-2026-45994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies us...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed a memory leak in ocfs2stackglueinit. The ocfs2tableheader should be freed in ocfs2stackglueinit if ocfs2sysfsinit fails. Otherwise, kmemleak will report a memory leak. BUG: Memory leak. Unreferenced object...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcdmipid: Fixed an error handling path in mipidspiprobe. If ‘mipiddetect’ fails, we must free ‘md’ to avoid a memory leak...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit, but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers a kmemleak:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021591 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree. Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2026-43104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vc4: Fix a memory leak in hang state error path When vc4savehangstate encounters an early return condition, it returns without freeing the previously...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Fixed a memory leak in tpm2loadcmd. tpm2loadcmd allocates a temporary blob indirectly through tpm2keydecode, but the blob is not freed during failure paths. This issue can be addressed by wrapping the blob with a...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len The packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such cases, the cloned skb passed through the network stack may...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe process and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Firmware is released in the brmfipciesetup error path. This prevents memory leaks if the brmfichipgetraminfo function fails. Note that the CLM blob is released in the device removal path...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel up to version 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory through a Speculative Store Bypass side-channel attack. This occurs because a certain preempting store operation does not necessarily occur before a store operation whose valu...