Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1753)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1753 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault CVE-2026-31456 In the Linux kernel, the following vulnerability h...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Silence oversized kvmalloc warnings The syzkaller triggered an oversized kvmalloc warning. Silence this warning by adding GFPNOWARN to the configuration. syzkaller log: WARNING: CPU: 7 PID: 518 at mm/util.c:665...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed the transportg2h,h2g TOCTOU issue. The calls to vsockfindcid and vsockdevdoioctl may race with module unloading. transportg2h,h2g may become NULL after the NULL check. Introduced vsocktransportlocalcid to prevent ...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: espintcp: fixed skb leaks. Several error paths now include a kfreeskb...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: keys: Fixed UAF in keyput Once a key’s reference count is reduced to 0, the garbage collector thread may destroy it at any time. Therefore, keyput is no longer allowed to access the key after that point. The most it can normally ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubifs: Skip dumping the tnc tree when zroot is null. Clearing the slab cache will free all znode entries in memory, and set c-zroot.znode to NULL. Dumping the tnc tree will then access c-zroot.znode, which can lead to a null...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: mctp: Do not access ifaindex when it is missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise, it will compare to uninitialized memory—a problem...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Check for rtd == NULL in sndsocremovepcmruntime The function sndsocremovepcmruntime might be called with rtd == NULL, which will lead to a null pointer derefrence. This issue was reproduced when topology loading was...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1708)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1708 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Tenable has extracted the preceding description block...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: idpf: fixed checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb when the transport header is not yet set. This triggers the following warning in builds with CONFIGDEBUGNET=y:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access between the reset thread and the TM thread for reply queues. When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an inval...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: pktgen: Fixed the issue where access occurs outside of the user-given buffer in pktgenthreadwrite. The size of the user-given buffer was respected for strnlen calls; otherwise, strnlen would access memory outside of the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ndisc: Extended RCU protection has been added to ndiscsendskb. The ndiscsendskb function can be called without holding RTNL or RCU. Acquire rcureadlock should be performed earlier, so that we can use devnetrcu, and potential U...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1488)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1488 advisory. In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. CVE-2025-40149 In the Linux kernel, the following vulnerability has bee...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps CVE-2025-40170 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections CVE-2025-68206 In the Linux kernel...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM Otherwise accessing them can cause a crash...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration CVE-2025-38248 In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal...