1419 matches found
CVE-2026-45837
The CVE-2026-45837 issue affects the Linux kernel BPF arena memory management during fork. The root cause is that arena_vm_open() bumps mmap_count but does not register the child VMA in arena->vma_list, leaving vml->vma to point to the parent VMA. After the parent unmaps, a use-after-free c...
PT-2026-43765
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removing work list The commit e1168f0 "RDMA/iwcm: Simplify cm event handler" changed the work submission logic to unconditionally call queue work with the expectation that queue work...
PT-2026-43887
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damos quota goal-nid for node mem used,free bp Patch series "mm/damon/core: validate damos quota goal-nid". node memcg used,free bp DAMOS quota goals receive the node id. The node id is used for si meminfo...
CVE-2026-45836
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...
EUVD-2026-31856
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...
Important: kernel-livepatch-6.12.83-111.159
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.83-111.159 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.77-99.140
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.77-99.140 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
RHSA-2026:19573 Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, and kpatch-patch-5_14_0-284_158_1 security update
Bulletin has no description...
TencentOS Server 4: kernel (TSSA-2026:0334)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0334 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a combination of JIT blinding and pointers to bpf subprogs. The combination of JIT blinding and pointers to bpf subprogs causes the following issue: 36.989548 BUG: Unable to handle a page fault for address:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: arm64: Do not call NULL in docompatalignmentfixup. doalignmentt32tohandler only fixes alignment faults for specific instructions; otherwise, it returns NULL e.g., for LDREX. When this occurs, a signal is sent to the caller...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: The page extent mapping was set after the readfolio operation in relocateonepage. One of the CI runs triggered the following panic: Assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ----------...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume In virtblkinithctx, hctx-userdata is set to vq. However, vq is freed during suspension and reallocated during resume. As a result, hctx-userdata becomes invalid after resume,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: igc: Fix the PTM cycle trigger logic Writing to clear the “valid” bit of the PTM status while the PTM cycle is triggered results in unreliable PTM operations. To fix this, clear the “trigger” and status of the PTM after each PTM...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: Fixed the issue where ifpcreglist was referenced even though it wasn’t declared. On platforms with an A7xx GPU that does not support IFPC, the ifpcreglist is still referenced in a6xxpatchpwrupreglist, which cause...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Firmware: mesonsm – fixed to avoid potential NULL pointer dereferencing. The ofmatchdevice function may fail and return a NULL pointer. This issue was addressed by checking the return value of ofmatchdevice...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: Space has been reserved for null terminators in propertyEntry. The lists of struct propertyEntry are supposed to be terminated with an empty property. Currently, this driver seems to allocate exactly the amount of spa...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fixed a memory leak in dwc3qcominterconnectinit. In the alloc Resources for path handle function, resources should be released when they are no longer needed. This can be done by using the release function in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: Fix was made to avoid inconsistencies between SIT and SSA. With the above testcase, inconsistencies may occur between SIT and SSA. Example code: createnullblk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixed a panic issue by disabling preemption. In RISCV, we must use an AUIPC + JALR pair to encode an immediate jump, creating a jump to an address beyond 4K. This may cause errors if we want to enable kernel...