29 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: espintcp: fixed skb leaks. Several error paths now include a kfreeskb...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: macvlan: A grace period for resource control is observed in the error path of macvlancommonnewlink. Valis reported that a race condition still occurs after our previous patch. macvlancommonnewlink might have made the device...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘wireguard: device: enable threaded NAPI’” This resolution corresponds to commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c, which is a commit from upstream. We have received three independent reports from production users...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: hfsplus: treating special inodes as regular files Since the commit af153bb63a33 "vfs: catching invalid modes in mayopen" requires that any inode be of one of the types SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/SIFIFO/SIFSOCK, use SIFREG...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1863)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1863 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 In the Linux kernel, the following vulnerability has...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1753)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1753 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault CVE-2026-31456 In the Linux kernel, the following vulnerability h...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ndisc: Extended RCU protection has been added to ndiscsendskb. The ndiscsendskb function can be called without holding RTNL or RCU. The rcureadlock function must be acquired earlier, so that we can use devnetrcu, and potential...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb while the transport header is not set yet. This triggers the following warning for CONFIGDEBUGNET=y builds. DEBUGNETWARNONONCE!skbtransportheaderwassetskb...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1708)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1708 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1488)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1488 advisory. In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. CVE-2025-40149 In the Linux kernel, the following vulnerability has bee...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps CVE-2025-40170 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections CVE-2025-68206 In the Linux kernel...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The issue of hiding VRAM sysfs attributes on GPUs without VRAM has been addressed. Otherwise, accessing these attributes can cause a crash...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the bpf module, it was necessary to check whether the helper function is valid in gethelperproto. The kernel test robot reported a bug related to the verifier 1, where the helper function pointer could be NULL due to a disable...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RCU: Fixed a deadloop in rcureadunlock due to IRQ work. During rcureadunlockspecial, if this occurs during irqexit, we may get locked up if an IPI is issued. This is because the IPI itself triggers the irqexit path, causing a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Check for rtd == NULL in sndsocremovepcmruntime The function sndsocremovepcmruntime might be called with rtd == NULL, which will lead to a null pointer derefrence. This issue was reproduced when topology loading was...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed the transportg2h,h2g TOCTOU issue. The vsockfindcid and vsockdevdoioctl functions may race with module unloading. transportg2h,h2g may become NULL after the NULL check. Introduced vsocktransportlocalcid to prevent...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration CVE-2025-38248 In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal...
Low: kernel6.12
Issue Overview: No CVE associated with this advisory Affected Packages: kernel6.12 Issue Correction: Run dnf update kernel6.12 --releasever 2023.8.20250808 or dnf update --advisory ALAS2023-2025-1129 --releasever 2023.8.20250808 to update your system. More information on how to update your system...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net: mctp: Do not access ifaindex when it is missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise, it will compare to uninitialized memory—a...