Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A vulnerability was discovered in the HCI socket implementation due to a missing capability check in the net/bluetooth/hcisock.c file within the Linux kernel. This flaw allows an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: The BUG function call has been removed after failing to insert a delayed directory index entry. Instead of calling BUG when we fail to insert a delayed directory index entry into the delayed node’s tree, we can simply...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cpumap: The xdprxqinfo structure must be initialized to zero before running the XDP program. When running an XDP program that is associated with a cpumap entry, we do not initialize the xdprxqinfo data structure, which is used in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix for the condition effect bit clearing issue As reported by MPDarkGuy on Discord, NULL pointer dereferencing occurred because not all conditional effect bits were cleared. Properly clear all conditional effect bits...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn – Rejects AADs that are too short assoclen 8 to match the ESP/ESN specification. authencesn assumes that the AAD is in the ESP/ESN format. When the length of assoclen is shorter than the minimum expected length...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: dosysnametohandle: The use of kzalloc instead of kmalloc was corrected to prevent kernel-infoleak vulnerabilities. The syzbot identified a kernel information leak vulnerability in dosysnametohandle. The following reports were...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: The refcount leak in versatilerebootprobe has been fixed. The function offindmatchingnodeandmatch returns a node pointer with a refcount incremented. We should use ofnodeput on this pointer when it is ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: This vulnerability prevents a wraparound in the schema length during the trace fill operation. The ioam6fillTraceData function stores the schema contribution to the trace length in an u8 type variable. When bit 2...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wireguard: Receive: Annotated data-race around receivingcounter.counter. Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the dat...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check the inode size of inline inodes. Check whether the inode size of inline inodes is within the allowed range when reading inodes from the disk gfs2dinodein. This prevents on-disk corruption. The two checks in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mctp: route: hold key-lock in mctpflowprepareoutput The mctpflowprepareoutput function checks key-dev and may call mctpdevsetkey. However, it does not hold key-lock during this process. Both mctpdevsetkey and mctpdevreleasekey...

[SECURITY] [DLA 4588-1] linux-6.1 security update

Debian LTS Advisory DLA-4588-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings May 19, 2026 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.172-1deb11u1 CVE ID : CVE-2026-46333 A vulnerability has been discovered in the Linux kernel that may lead to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in buffer size calculation within the sps30i2creadmeas function. The sizeofnum operation...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the functions netshapernlgetdoit and netshapernlcapgetdoit. These functions incorrectly call nlmsgfree...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper setting or clearing of CR8 write interception when AVIC is activated. This vulnerability...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.1.1)

The version of AHV installed on the remote host is prior to AHV-11.0.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.1.1 advisory. - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics...

TencentOS Server 4: kernel (TSSA-2026:0287)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0287 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-017398)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017398 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

Important: kernel-livepatch-6.18.8-9.213

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Linux Distros Unpatched Vulnerability : CVE-2026-43469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xprtrdma: Decrement rereceiving on the early exit paths In the event that rpcrdmapostrecvs fails to create a work request due to memory allocation failure, say ...