CVE-2026-45959

The CVE-2026-45959 issue affects the Linux kernel crypto: CCP driver. A local pointer annotated with __cleanup(kfree) could cause kfree to receive the local stack address instead of the allocated memory, leading to a crash. The underlying cause is incorrect cleanup usage; the repository indicates...

CVE-2026-45853 drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the unconditional success of the spintrylock operation when calling kmallocnolock within the NMI contex...

PT-2026-43896

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description On Uniprocessor UP kernels where CONFIG SMP is not enabled, the spin trylock function acts as a no-op and unconditionally succeeds. This allows kmalloc nolock called from a Non-Maskable...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of kmalloc when low memory conditions occur, resulting in the mutual locking mechanis...

PT-2026-43846

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpu cs parser bos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpu bo list put as it's been handled in the amdgpu cs parser fin...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: safesetid: The size of policy writes is checked. syzbot attempts to write a buffer of a large size to a sysfs entry. The writing operation is handled by handlepolicyupdate, which triggers a warning in kmalloc. Check the size...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: slab: Fixed the context check for kmallocnolock in the PREEMPTRT kernel mode. In PREEMPTRT kernels, locallock acts as a sleeping lock. The current check in kmallocnolock only verifies that the context does not match NMI or hardIR...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: The tty function causes a deadlock when calling printk, under the ttyport-lock condition. The ptywrite function invokes kmalloc, which may also invoke a normal printk to print failure messages. This can lead to a deadlock in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted: dcp: Fix improper use of sg with CONFIGVMAPSTACK=y When CONFIGVMAPSTACK=y is enabled, DCP-trusted keys may crash during the encoding and decryption of the blob encryption key via the DCP crypto driver. This issue...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: coda: A check for kmalloc has been added. Since kmalloc may return a NULL pointer, it is better to check the return value to avoid dereferencing a NULL pointer, just like with the other cases...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mm/slub: Fixed the issue by returning errno if kmalloc fails. In createuniqueid, kmalloc, GFPKERNEL may fail due to out-of-memory conditions. If this happens, errno should be returned correctly instead of triggering a panic via...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this by using the cifssgsetbuf helper function, which converts vmalloc’d...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the size of the bloom filter map values This patch adds a missing check to the bloom filter creation process, preventing the rejection of values that exceed KMALLOCMAXSIZE. This brings the behavior of the bloom filter ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: usb: gadget: Fixed a use-after-free in compositedevcleanup. 1. In func configfscompositebind - compositeosdescreqprepare: If kmalloc fails, the pointer cdev-osdescreq will be freed but not set to NULL. As a result, a failure...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: exfat: Use kvmallocarray/kvfree instead of kmallocarray/kfree. The call stack shown below represents a scenario in the Linux 4.19 kernel. Memory allocation failed for the exfat file system, due to system memory fragmentation, whi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Issue: overlay – Fix null pointer dereferencing in finddupcsetnodeentry and finddupcsetprop. When kmalloc fails to allocate memory in kasprintf, fn1 or fn2 will be NULL, and strcmp will cause a null pointer dereference...

Astra Linux - уязвимость в linux-5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s drivers/gpu/drm/msm/msmgemsubmit.c code, specifically in the submitlookupcmds function. This flaw occurs because there is no check on the return value of kmalloc. This issue allows a local user to crash the system...