Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: A kernel panic occurred during the drive powercycle test. While iterating through Shost’s sdev list, it is possible that one of the drives is being removed, and its sastarget object is freed, but its sdev object...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A flaw was discovered in the parsing of extended attributes in the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to data being read beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: can:bcm:bcmtxsetup: fixed the KMSAN uninit-value issue in vfswrite. Syzkaller reported the following issues: ===================================================== BUG: KMSAN: uninit-value in aiorwdone, file fs/aio.c:1520 inlin...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: md: The mdstopwrites function is called in mdstop. From the link 1, we can see that raid1d continued to run even after the path raiddtr - mdstop - mdstop. We should stop writing data first in the destructor, to align with the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv/kprobe: Fixed instruction simulation for JALR. Setting kprobe at ‘jalr 1140ra’ in vfswrite results in the following crash’: 32.092235 Unable to handle kernel access to user memory without uaccess routines at virtual address...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed a deadlock issue during reading mqd from debugfs An erroneous disk backup on my desktop entered the debugfs directory, triggering the following deadlock scenario in the amdgpu debugfs files. The machine also...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Casting to output precision before multiplying operands This fix addresses a potential overflow issue in the result of multiplying two operands with lower precision u32, before widening them to a higher precisio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Handling of SRCU initialization failures during page track initialization Check the return value of initsrcustruct, which may fail due to OOM conditions when initializing the page track mechanism. Lack of proper checki...

Astra Linux - уязвимость в linux, linux-5.10

The function emsusbstartxmit in the file drivers/net/can/usb/emsusb.c within the Linux kernel, up to version 5.17.1, contains a double-free...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: SCSI: QLA2xxx – Fixed potential NULL pointer dereferencing issues. The Klocwork tool reported that “curdsd” might be dereferenced. A fix has been added to validate the pointer before dereferencing it...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: be2net: Buffer overflow has been fixed in begetmoduleeeprom. becmdreadporttransceiverdata assumes that it is given a buffer that is at least PAGEDATALEN long, or twice that if the module supports SFF 8472. However, this is not...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The lkdtmARRAYBOUNDS function in drivers/misc/lkdtm/bugs.c lacks a check for the return value of kmalloc, which can lead to a null pointer derefrence...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a use-after-free caused by l2capreassemblesdu. Fixed a race condition between the following two processes that run parallelly: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Do not log keys during SMB3 signing and encryption key generation. When the KSMBDDEBUGAUTH logging option is enabled, the functions generatesmb3signingkey and generatesmb3encryptionkey log the bytes of the session, signing...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 – fixed the use of memory after it is freed in rmiunregisterfunction. The putdevice function calls rmireleasefunction, which frees the “fn” pointer. Therefore, dereferencing fn-numofirqs in the next line...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: ocelot: The function dsatag8021qunregister is called under rtnllock when removing a driver. When the currently used tagging protocol is “ocelot-8021q”, and we unbind the driver, we encounter this error: bash $ echo...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cpumap: The xdprxqinfo structure must be initialized to zero before running the XDP program. When running an XDP program that is associated with a cpumap entry, we do not initialize the xdprxqinfo data structure, which is used in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wireguard: Receive: Annotated data-race around receivingcounter.counter. Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the dat...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a deadlock in usbdeauthorizeinterface Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interfaceauthorizedstore function is the only one that acquires a device lock on an ancestor devic...

CVE-2026-46092 affecting package kernel for versions less than 6.6.139.1-1

CVE-2026-46092 affecting package kernel for versions less than 6.6.139.1-1. A patched version of the package is available...