Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for a potential null return from kmallocarray. Since kmallocarray may return null, the use of 'eventwaitersi.wait' could lead to a null pointer derefrence. Therefore, it is better to check the return value of...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed dtlaccesslock to use a rwsemaphore. The dtlaccesslock needs to be a rwsemaphore, a sleeping lock, because the code calls kmalloc while holding this lock, which can cause a sleep condition. bash echo 1...

Astra Linux - уязвимость в linux, linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The function uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks a check for the function kmallocarray...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot reported a GPF in sgallocAppendTableFromPages. The problem arose from the condition ubuf-pages == ZEROPTR. ubuf-pagecount is calculated based on arguments passed from the user-space. If the...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: pcmcia: Error handling was added for the addinterval function within dovalidatemem. In dovalidatemem, the call to addinterval does not handle errors. If kmalloc fails during addinterval, it may result in a null pointer being...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevents infinite recursion. If the buf + offset is not aligned to XECAHELINEBYTES, we fall back to using a bounce buffer. However, the bounce buffer is allocated on the stack, and the only alignment requirement...

SUSE CVE-2026-43330

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwi...

CVE-2026-43330

CVE-2026-43330 relates to the Linux kernel crypto/caam path, where an overflow occurs when a long HMAC key (longer than the block size) is copied for hashing. The vulnerability arises because the copy’s allocated memory is aligned for DMA, and the original kmemdup path could read beyond the key b...

CVE-2026-43245

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

CVE-2026-43245

CVE-2026-43245 affects the Linux kernel NTFS driver. The root cause is that ntfs: ->d_compare() could block, with related memory-allocation issues in names_cachep. The authenticated fixes switch critical paths to non-blocking allocations: use kmalloc(PATH_MAX, GFP_NOWAIT) for the path/name han...

CVE-2026-43245 ntfs: ->d_compare() must not block

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

PT-2026-37585

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the NTFS driver where the d compare function improperly blocks due to the use of getname. To resolve this, the implementation was switched to use kmallocPATH MAX, GFP...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: The tty function causes a deadlock when calling printk, under the ttyport-lock condition. The ptywrite function invokes kmalloc, which may also invoke a normal printk to print failure messages. This can lead to a deadlock in the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp using vsock, the data size is usually 32 kB. kmalloc seems to fail when trying to allocate 32 32 kB regions. vhost-5837: Page allocation...

Astra Linux - уязвимость в linux

An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvmmain.c has a kvmiobusunregisterdev memory leak upon a kmalloc failure, aka CID-f65886606c2d...

CVE-2026-43044

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as...

EUVD-2026-26643

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as...

DEBIAN-CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the copying of an unregistered TCPv6 protocol during the MPTCP stream initialization process. Thi...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013608 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter kasprintf would return NULL pointer when kmallo...