Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: regmap: A possible double-free condition in regcacherbtreeexit has been fixed. In regcacherbtreeinserttoblock, when realloc fails with the value “present”, the “blk” variable, which is supposed to point to ‘rbnode-block’, will be...

CVE-2026-43389

CVE-2026-43389 affects the Linux kernel memfd_luo subsystem. The root cause is a flaw where preserving LUO state could leave folios marked clean, risking data loss if they are dirtied later and reclaimed under memory pressure. The fix changes all folios of the file to be dirty and sets MEMFD_LUO_...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Several fixes to bpfmsgpopdata Several fixes to bpfmsgpopdata: 1. In skmsgshiftleft, we should use putpage. 2. If len == 0, returning early is better. 3. Popping the entire skmsg last == msg-sg.size should be...

CVE-2026-31749

Technical details for CVE-2026-31749 are not publicly provided in the supplied connected documents; no vendor/product/versions, root cause, or remediation are described beyond the initial summary. Monitor for updates.

CVE-2026-23041

CVE-2026-23041 (bnxt_en, Linux kernel) : A NULL-pointer dereference occurs in bnxt_ptp_enable during error cleanup when bnxt_init_one() fails. The error path frees HWRM resources (destroying the DMA pool and setting bp->hwrm_dma_pool to NULL) and later calls bnxt_ptp_clear(), which triggers pt...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005122)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005122 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible null-ptr-deref in ocfs2setbufferuptodate When doing cleanup, if flags without...

SUSE CVE-2023-54204

In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, 1. the memory allocated in mmcallochost will be leaked 2. null-ptr-deref will happen when calling mmcremovehost in...

CVE-2023-53998 hwrng: virtio - Fix race on data_avail and actual data

In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on dataavail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation, that is, when the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990824)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990824 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990084)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990084 advisory. In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking If a device uses MCP23xxx...

CVE-2025-40049

CVE-2025-40049 is a Linux kernel vulnerability in the Squashfs filesystem. The issue arises when squashfs_get_parent() is called with a non-directory inode (e.g., a symbolic link) and the parent field is uninitialized, leading to an uninitialized-value access. The fixed patch initializes parent t...

EUVD-2025-29602

Malicious code in bioql PyPI...

CVE-2023-53530 scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id()

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: controller connect complete localhost kernel: BUG: using smpprocessorid in preemptible...

kernel: drm/vkms: Fix null-ptr-deref in vkms_release()

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkmsrelease A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms-output.composerworkq in vkmsrelease. KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CP...

SUSE CVE-2025-38628

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...

DEBIAN-CVE-2025-37900

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommucopystructfromuser In the review for iommucopystructtouser helper, Matt pointed out that a NULL pointer should be rejected prior to dereferencing it:...

SUSE CVE-2024-56585

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix sleeping in atomic context for PREEMPTRT Commit bab1c299f3945ffe79 "LoongArch: Fix sleeping in atomic context in setuptlbhandler" changes the gfp flag from GFPKERNEL to GFPATOMIC for allocpagesnode. However, for...

SUSE CVE-2024-40905

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in fib6droppcpufrom syzbot found a race in fib6droppcpufrom 1 If compiler reads more than once ppcpurt, second read could read NULL, if another cpu clears the value in rt6getpcpuroute. Add a READONCE to...

UBUNTU-CVE-2024-26785

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix protection fault in iommufdtestsyzconviova Syzkaller reported the following bug: general protection fault, probably for non-canonical address 0xdffffc0000000038: 0000 1 SMP KASAN KASAN: null-ptr-deref in range...