Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In multiple functions of iouring.c, there is a possibility of kernel memory corruption due to improper locking. This could lead to a local escalation of privileges in the kernel, as execution privileges are required. User interaction is not necessary for exploiting this vulnerability...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: kmsan: fix out-of-bounds access to shadow memory Running sha224kunit on a KMSAN-enabled kernel results in a crash in kmsaninternalsetshadoworigin: BUG: unable to handle page fault for address: ffffbc3840291000 PF: supervisor read...

Astra Linux - уязвимость в linux

There is an information disclosure vulnerability in the ARM SIGPAGE functionality of the Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4 appears to still be vulnerable. A userland application can read the contents of the sigpage, which may lead to the exposure of kernel memory...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp using vsock, the data size is usually 32 kB. kmalloc seems to fail when trying to allocate 32 32 kB regions. vhost-5837: Page allocation...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crash: fix crashkernel resource shrink When crashkernel is configured with a high reservation, shrinking its value below the low crashkernel reservation causes two issues: 1. Invalid crashkernel resource objects 2. Kernel crash i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: Disallowed toggling KVMMEMGUESTMEMFD on an existing memslot. Rejected attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding. KVM does not support toggling KVMMEMGUESTMEMFD ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cma: Fixed a kmemleak in rdmacore that was observed during the blktests nvme/rdma tests with siw. When running the blktests nvme/rdma tests, the following kmemleak issue will appear: - kmemleak: The Kernel Memory Leak...

Astra Linux - уязвимость в linux

The bpf verifier in the Linux kernel failed to properly handle truncation of the mod32 destination register when the source register was known to be 0. A local attacker who had the ability to load bpf programs could exploit this vulnerability by performing out-of-bounds reads in kernel memory,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: mac80211: A potential double-free operation occurred during mesh join. While commit 6a01afcf8468 “mac80211: Mesh: Deleting ie data when leaving the mesh” fixed a memory leak that occurred during mesh leave/teardown, it introduced...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gssfreeintokenpages The intoken-pages array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range 0x04a2013400000008-0x04a20134000000...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: fixed a memory leak in ocfs2stackglueinit The ocfs2tableheader should be freed in ocfs2stackglueinit if ocfs2sysfsinit fails; otherwise, kmemleak will report a memory leak. BUG: memory leak Unreferenced object:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: switch: fix potential memleak in iceaddadvrecipe When iceaddspecialwords fails, the 'rm' is not released, which will lead to a memory leak. Fix this up by going to 'errunroll' label. Compile tested only...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

KGDB and KDB allow read and write access to kernel memory, and therefore should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger, so it is important that the debugger respects the lockdown mode when/if it is triggered. CVSS 3.1 Base Score: 6.7...

Astra Linux - уязвимость в linux-5.10

An information leak flaw was discovered due to uninitialized memory in the Linux kernel’s TIPC protocol subsystem, during the process of a user sending a TIPC datagram to one or more destinations. This flaw allows a local user to read certain parts of the kernel’s memory. The affected data is no...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: SELinux: The use of both GFPKERNEL and GFPATOMIC in convertcontext was enabled. The following warnings were triggered in a hardware environment: SELinux: Converting 162 SID table entries… BUG: A sleeping function was called fr...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: arm64: mm: fixed the sanity check for VA-range Both createmappingnoalloc and updatemappingprot perform sanity checks on their ‘virt’ parameter. However, the check itself doesn’t make much sense. The condition used today seems ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcdmipid: Fixed an error handling path in mipidspiprobe. If ‘mipiddetect’ fails, we must free ‘md’ to avoid a memory leak...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed miread in miformatnew Fix a KMSAN un-init bug found by syzkaller. ntfsgetbh expects a buffer from sbgetblk, that buffer may not be uptodate. We do not bring the buffer uptodate before setting...

SUSE CVE-2026-31698

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the firmware command failed. If the failure was due to an invalid length...

Linux Distros Unpatched Vulnerability : CVE-2026-31697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if t...