224336 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: zram: Fixed the race condition involving slot write operations. Parallel concurrent writes to the same zram index result in the zsmalloc handles being leaked. Schematically, it looks like this: CPU0 CPU1 zram_slot_lock zs_free...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fixed the refcount leak in rockchip_pinctrl_parse_groups. The function of_find_node_by_phandle returns a node pointer with the refcount incremented. We should use of_node_put on it when it is no longer necessary. Add th...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: null_blk: fixed handling of poll request timeouts. When performing the io_uring benchmark on /dev/nullb0, it’s easy for the kernel to crash if poll requests time out, as reported by David. [1] BUG: Kernel NULL pointer dereferencing...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks. A newly forked task is counted as a MMCID user before it becomes visible in the process’ thread list and the global task list. This creates the following problem: CPU1 CPU2...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: The “Drain deferred trigger” operation is freed if kthread creation fails. Registration of boot-time triggers may fail before the trigger-data cleanup is completed. If a kthread exists, deferring the “Drain deferred...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm: Fixed a livelock/starvation problem caused by hmm_range_fault. If hmm_range_fault fails a folio_trylock in do_swap_page, and attempts to acquire the lock of a device-private folio for migration, the function will spin until it...
Astra Linux - vulnerability in linux-5.10
A vulnerability was discovered in the kvm_s390_guest_sida_op function within the arch/s390/kvm/kvm-s390.c file in KVM for s390 in the Linux kernel. This flaw allows a local attacker with normal user privileges to gain unauthorized memory write access. This vulnerability affects Linux kernel versions...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: Stop checking the validity of op->max_freq in the supports_op callback. In commit 13529647743d9 “spi: microchip-core-qspi: Support frequency switches per spi-memory operation”, the logic for checking the...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In ext4, the work related to queued discard operations is always drained in ext4_mb_release. While reviewing the recent ext4 patch [1], Sashiko raised the following concern [2]: If the filesystem is initially mounted with the discard...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries (SPTEs) during memory-mapped I/O (MMIO) operations. By manipulating guest page table entrie...
kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution
A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) subsystem, specifically within the rxe component. This use-after-free vulnerability occurs in the rxe_create_cq function. When the rxe_cq_from_init function fails, the subsequent call to rxe_cleanup attempts to free memory resource...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) umad (User Mode Access Device) component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
SUSE CVE-2026-43491
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node. Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER messages and exhaust memory. Fix this issue by...
SUSE CVE-2026-43492
In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl. Yiming reports an integer underflow in mpi_read_raw_from_sgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...
SUSE CVE-2026-43493
In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests. MAY_BACKLOG requests can return EBUSY. Handle them by checking for that value and filtering out EINPROGRESS notifications...
ROS-20260520-73-0001
A vulnerability in the HID component of the Linux operating system kernel is related to the use of memory after it has been freed (use-after-free). Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021650)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021650 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show. A UAF can happen when /proc/cpuset is read as...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021497)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021497 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable' logic. The 'dumpability' of a task is fundamentally about the...