411 matches found
kernel: exit: prevent preemption of oopsing TASK_DEAD task
A flaw was found in the Linux kernel. During the exit process of a task that has encountered an error, the system can incorrectly allow the task to be interrupted. This can lead to improper management of the task's memory, potentially causing memory corruption. Such an issue could allow a local...
Linux Distros Unpatched Vulnerability : CVE-2026-53019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufre...
CVE-2026-53083
A flaw was found in the Linux kernel. A missing condresched in the bpffdarraymapclear loop, specifically when handling BPF Berkeley Packet Filter PROGARRAY maps with numerous entries, can lead to an RCU Read-Copy Update stall. This can result in a Denial of Service DoS under heavy system load, as...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dm: Clearing the clone request’s bio pointer when the last cloned bio is freed It was observed that stale values of rq-bio could lead to double initialization of cloned bios in request-based device-mapper targets, resulting in...
Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities (CVE-2026-23193, CVE-2026-23231, CVE-2026-3497)
Summary IBM MQ Appliance has addressed multiple open source vulnerabilities. Vulnerability Details CVEID:CVE-2026-3497 DESCRIPTION: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions...
CVE-2026-45974
A flaw was found in the Linux kernel's btrfs filesystem. The btrfsquotaenable function contains a logic error where it attempts to access an invalid memory location if a specific key is not found during a search operation. This incorrect handling of search results can lead to invalid leaf access,...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the Linux kernel through version 5.16-rc6. The function imxregisteruartclocks in drivers/clk/imx/clk.c lacks a check on the return value of kcalloc, which can lead to a null pointer dereferencing...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel up to 5.15.2, hwatlutilsfwrpcwait in drivers/net/ethernet/aquantia/atlantic/hwatl/hwatlutils.c allows an attacker who can introduce a crafted device to trigger an out-of-bounds write by using a crafted length value...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A flaw was discovered after the free function in the Linux kernel’s Xircom 16-bit PCMCIA PC-card Ethernet driver. A local user could exploit this flaw to crash the system or potentially escalate their privileges on the system...
Astra Linux – Vulnerability in Linux
A issue was discovered in the kernel of NetBSD 7.1. An Access Point AP forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated with the AP. This could be exploited in Wi-Fi networks to launch denial-of-service attacks against connected clients, and it...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: The pointer to debugfsdir is set to NULL after removing debugfs. If init debugfs fails during device registration due to a memory allocation failure, the function debugfsremoverecursive is called. However, debugfsd...
Astra Linux – Vulnerability in Linux 5.10
A flaw in the Linux kernel’s implementation of the RDMA communication manager listener code allowed an attacker with local access to set up a socket to listen on a high port. This allowed for a memory element to be used after it was freed. With the ability to execute code, a local attacker could...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A flaw was discovered in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packets when using NVMe over TCP. This can lead to the NVMe driver dereferencing a NULL pointer, resulting in kernel panic and a denial of service...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: In the BPF code, ensure that skb-len != 0 when redirecting a packet to a tunneling device. The syzkaller function managed to trigger another case where skb-len == 0 when entering devqueuexmit. WARNING: CPU: 0, PID: 2470; Location...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw was discovered in the Linux kernel. A NULL pointer dereference may occur when the slip driver is in progress to detach at sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...
CVE-2026-43357
A flaw was found in the iio: gyro: mpu3050-core driver of the Linux kernel. Incorrect error handling in the power management runtime functions allows the driver to attempt accessing hardware that may have failed to resume. This can lead to an unconditionally incremented device usage count,...
GHSA-M38G-VWW2-MVGX Talos Linux has a local privilege escalation from untrusted workloads
Summary A vulnerability in the Linux kernel's algifaead subsystem CVE-2026-31431, "copy.fail" allows an unprivileged container workload to corrupt arbitrary file page-cache pages via the AFALG crypto interface and splice. On Talos Linux, this vulnerability can be chained into a complete node...
Linux Distros Unpatched Vulnerability : CVE-2026-43087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Disable all pin interrupts during probe A chip being probed may have the...
CVE-2026-43261
A flaw was found in the Linux kernel. This vulnerability affects systems running on TSV110 processors, making them susceptible to the Spectre-BHB Branch History Buffer attack. A local attacker could exploit this side-channel vulnerability to potentially leak sensitive information by observing...