kernel: proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

CVE-2026-43409

A flaw was found in the Linux kernel's kprobes subsystem. When the ftrace tracing utility is disabled due to errors, a local user can cause a system crash by removing a kernel module that uses kprobe probes. This vulnerability arises from kprobes not correctly handling the ftrace disabled state,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed a kernel crash during module removal The driver incorrectly releases the client instance, and subsequent removal of the i40e module leads to a kernel crash. Reproducing the issue: 1. Perform an offline ethtool test...

CVE-2025-23135 RISC-V: KVM: Teardown riscv specific bits after kvm_exit

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Teardown riscv specific bits after kvmexit During a module removal, kvmexit invokes arch specific disable call which disables AIA. However, we invoke aiaexit before kvmexit resulting in the following warning. KVM...

DEBIAN-CVE-2024-50023

In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb "net: phy: Manual remove LEDs to ensure correct ordering" correctly fixed a problem with using devm but missed removing the LED entry from the LEDs list...