152 matches found
The vulnerability of the skbuff network component in Linux operating system kernels allows attackers to increase their privileges.
The vulnerability of the skbuff network component in Linux operating systems is related to insufficient resource control during its existence. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the dwc3_remove_requests() function in Linux operating system kernels allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the dwc3removerequests function in Linux operating system kernels is related to the situation of signal handling. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
Important: cuda-drivers
Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Transmitted requests in Xen’s virtual network protocol can consist of multiple parts. Although none of them are actually useful, except for the initial part, any of these parts can be of zero length, meaning they carry no data at all. In addition to the certain initial portion of the data to be...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
A issue was discovered in the Linux kernel through version 6.5.9. During a race condition involving the exit of a SQ thread, a NULL pointer dereferencing in iouring/fdinfo.c’s iouringshowfdinfo function can occur...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ip: Fixed a data race around the sysctlfwmarkreflect function. When reading sysctlfwmarkreflect, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: UBLK: Failure to recover a device if queue setup is interrupted. In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by a signal, the queues are not set up successfully. Therefore, we must fail the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: socinfo: Added kfree call for kstrdup. Added kfree in the subsequent error handling to avoid memory leaks...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fix for htt.pktlog locking. The ath11k active PDevs are protected by RCUs, but the code that handles htt.pktlog, namely ath11kmacgetarbypdevid, was not marked as a read-side critical section. Mark the relevant code...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the drivers/video/fbdev/smscufx.c file within the Linux kernel, up to version 5.19.12, there is a race condition that can lead to a use-after-free if a physically nearby attacker removes a USB device while the open function is called. This issue is essentially a race condition between ufxopsop...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: USB: Roles – Fixed NULL pointer issue when referencing the module’s reference. In the current design, the USB role class driver will obtain a reference to the module of the usbroleswitch object after the user selects the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the rdsrecvtracklatency function in net/rds/afrds.c in the Linux kernel, from version 6.7.1 onwards, there is an off-by-one error in the comparison of RDSMSGRXDGRAMTRACEMAX, which leads to out-of-bounds access...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix for lz4 inplace decompression Currently, EROFS can map another compressed buffer for inplace decompression, which was used to handle cases where some pages of compressed data are not actually in-place I/O. However, lik...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Tracing/histograms: Fixed the memory leak issue. This issue is resolved through commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As mentioned in commit 46bbe5c671e0 “Tracing: fixed double-free”, the “double-free” problem reported...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A memory read flaw that is outside the safe bounds was discovered in receiveencryptedstandard in fs/smb/client/smb2ops.c, within the SMB Client sub-component of the Linux kernel. This issue arises due to an integer underflow occurring during the memcpy operation’s length calculation, resulting in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc. In tpgalloc, resources should be deallocated in every possible error-handling path, as they are allocated using for statements. Otherwise, memleaks could occur, since tpgfree is onl...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A deadlock flaw was discovered in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: UDP: The flag SOCKRCUFREE was set earlier in the udplibgetport function. The syzkaller triggered a warning 0 in the udpv4earlydemux function. In udpv46earlydemux and sklookup, we do not touch the refcount of the sk object;...
Important: kernel-livepatch-5.10.253-251.1014
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...