CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Correctly track subprogram poke descriptors and fix use-after-free Subprograms call mappoketrack, but during program release, there is no hook to call mappokeuntrack. However, during program release, the auxiliary memory and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold a reference to the port until the decoder is released. KASAN and DEBUGKOBJECTRELEASE report a potential use-after-free in cxldecoderrelease. This function references its parent object, a cxlport, to free its id bac...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: riscv: Use READONCENOCHECK in the imprecise unwinding stack mode. When CONFIGFRAMEPOINTER is not set, the stack unwinding function walkstackframe randomly reads from the stack. When KASAN is enabled, this can lead to the followin...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, arrays can be very large,...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010804)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010804 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of...

CVE-2026-23392

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...

UBUNTU-CVE-2026-23184

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF in bindernetlinkreport Oneway transactions sent to frozen targets via binderproctransaction return a BRTRANSACTIONPENDINGFROZEN error but they are still treated as successful since the target is expected to thaw a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992882)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992882 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srptport from regular...

CVE-2023-54270

In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by dosubmiturb. One of the KASan reports is shown below: 36.403605 BUG: KASAN: use-after-free in workerthread+0x4a2/0x890 36.406105 Read o...

CVE-2023-54292

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqprequest-requestdone memory location which is accessed locklessly in irdmahandlecqpop while being updated in irdmacqpcehandler. Annotate lockless intent...

CVE-2023-54186

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

UBUNTU-CVE-2023-54283

In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpflrulist KCSAN reported a data-race when accessing node-ref. Although node-ref does not have to be accurate, take this chance to use a more common READONCE and WRITEONCE pattern instead of datarace...

CVE-2023-54226

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data races around sk-skshutdown. KCSAN found a data race around sk-skshutdown where unixreleasesock and unixshutdown update it under unixstatelock, OTOH unixpoll and unixdgrampoll read it locklessly. We need to annota...

CVE-2023-54218 net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().

In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk-skstamp in sockrecvcmsgs. KCSAN found a data race in sockrecvcmsgs where the read access to sk-skstamp needs READONCE. BUG: KCSAN: data-race in packetrecvmsg / packetrecvmsg write marked to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992220)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992220 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size dumpstack lib/dumpstack.c:88 inline...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992341 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992370)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992370 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree...

CVE-2022-50753 f2fs: fix to do sanity check on summary info

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

EUVD-2025-205076

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in bpfgetstackid Syzkaller reported a KASAN slab-out-of-bounds write in bpfgetstackid when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack...