431 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: exfat: Use kvmallocarray/kvfree instead of kmallocarray/kfree. The call stack shown below represents a scenario in the Linux 4.19 kernel. Memory allocation failed for the exfat file system, due to system memory fragmentation...
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel before version 5.8.10. The file virt/kvm/kvmmain.c contains a memory leak in kvmiobusunregisterdev due to a kmalloc failure, identified as CID-f65886606c2d...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: slab: Fixed the context check for kmallocnolock in the PREEMPTRT kernel mode. In PREEMPTRT kernels, locallock acts as a sleeping lock. The current check in kmallocnolock only verifies that the context does not match NMI or hardIR...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this by using the cifssgsetbuf helper function, which converts vmalloc’d...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for a potential null return from kmallocarray. Since kmallocarray may return null, the use of 'eventwaitersi.wait' could lead to a null pointer derefrence. Therefore, it is better to check the return value of...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Related to overlay: fixing a null pointer dereferencing issue in finddupcsetnodeentry and finddupcsetprop. When kmalloc fails to allocate memory in kasprintf, fn1 or fn2 will be NULL, and strcmp will cause a null pointer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted: dcp: Fix improper use of sg with CONFIGVMAPSTACK=y When CONFIGVMAPSTACK=y is enabled, DCP-trusted keys may crash during the encoding and decryption of the blob encryption key via the DCP crypto driver. This issue...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: coda: A check for kmalloc has been added. Since kmalloc may return a NULL pointer, it is better to check the return value to avoid dereferencing a NULL pointer, just like with the other cases...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot reported a GPF in sgallocAppendTablefromPages. The problem lies in ubuf-pages == ZEROPTR. ubuf-pagecount is calculated based on arguments passed from user-space. If the user creates an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the size of the bloom filter map values This patch adds a missing check to the bloom filter creation process, preventing the rejection of values that exceed KMALLOCMAXSIZE. This brings the bloom map in line with many...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: usb: gadget: Fixed a use-after-free in compositedevcleanup. 1. In func configfscompositebind - compositeosdescreqprepare: If kmalloc fails, the pointer cdev-osdescreq will be freed but not set to NULL. This will result in a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: safesetid: Check the size of policy writes. syzbot attempts to write a buffer with a large size to a sysfs entry. The writing is handled by handlepolicyupdate, which triggers a warning in kmalloc. Check the size specified for the...
Linux Distros Unpatched Vulnerability : CVE-2026-45979
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In su...
Linux Distros Unpatched Vulnerability : CVE-2026-45853
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may u...
SUSE CVE-2026-45979
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...
SUSE CVE-2026-46029
In the Linux kernel, the following vulnerability has been resolved: mm/slab: return NULL early from kmallocnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, kmallocnolock called from NMI context can...
CVE-2026-47328
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmallocd, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata an...
CVE-2026-46029
A flaw was found in the Linux kernel. In uniprocessor UP kernel configurations, a race condition can occur within the slab memory allocator when kmallocnolock is invoked from a Non-Maskable Interrupt NMI context. This allows the allocator to attempt to acquire a spinlock that is already held,...