Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fixed a reference leak in ofdra7atlclkprobe. pmruntimegetsync will increment the pm usage counter. Forgetting to perform the necessary operations will result in a reference leak. Added the missing...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disabling the overlay plane in mxsfbplaneoverlayatomicdisable When disabling the overlay plane in mxsfbplaneoverlayatomicupdate, the framebuffer pointer of the overlay plane is NULL. Therefore, dereferencing it would...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes race conditions with unixstreamreadgeneric. The...

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcildisc,serdev: failure in checking percpuinitrwsem syzbot reports a NULL pointer dereferencing at hciuartttyclose 1. For rcusyncenter, percpuinitrwsem is called without rcusyncinit, because hciuartttyopen ignores...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: switchdev: fixed the possible NULL pointer dereferencing issue. As a possible failure in allocation, devmkzalloc may return a NULL pointer. Therefore, it is better to check for ‘db’ to prevent the dereferencing of a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystemsfreezecallback The freezeallptr check in filesystemsfreezecallback introduced by commit a3f8f8662771 "power: always freeze efivarfs" is reverse which quite confusingly causes all file syste...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004133)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004133 advisory. getgatepage in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defined a proc-layout-commit for the FlexFiles layout type. Avoid a crash if a pNFS client happens to send a LAYOUTCOMMIT operation on a FlexFiles layout...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fixed a race condition during abort for file descriptors fput does not actually call fileoperations’ release method synchronously. Instead, it places the file in a work queue, and it will eventually be released. This is...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure setent is always present Ensure that setent is always set, as it is only provided by drbg...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Media: PCI: mg4b: Fix for uninitialized IIO scan data. The issue of potential leakage of uninitialized stack data into the user space has been addressed by ensuring that the scan structure is cleared before use...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: fixed the KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported an issue in hfsplusdeletecat: 70.682285 T9333=========================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: blk-mq: Check the kobject creation status in sysfs before deleting it in blkmqunregisterhctx. In the function blkmqupdatenrHWqueues, the return value of blkmqsysfsregisterhctxs is not checked. If the creation of hctxs in sysfs...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: always set shared-phydev for LAN8814 Currently, during the LAN8814 PTP probe, shared-phydev is only set if the PTP clock is actually set. Otherwise, the function returns before setting it. This is a problem...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers, so the max3421hcd-spithread pointer can be either an error pointer or NULL. Check both cases before...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fixed a possible issue related to NPD in fecenetPhyResetAfterclkEnable. The function phyfinddevice may return NULL, so we need to be careful when dereferencing phydev...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fixed null pointer access to epfile after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear function called in ffsdatareset sets ffs-epfiles to NULL...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fixed device use-after-free issues during unbind operations. A recent change addressed device reference leaks when querying DRM platform device driver data during bind operations. However, a partial fix previously...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: A divide-by-zero error can occur in damonreclaimapplyparameters. When creating a new scheme for DAMONRECLAIM, the calculation of ‘minageregion’ uses ‘aggrinterval’ as the divisor, which may lead to a...