60 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46116
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfreject: Do not leak the destination refcount for loopback packets. Recent patches that added a warning when replacing the skb dst entry fixed an old bug. WARNINGS: - include/linux/skbuff.h:1165: skbdstcheckunset →...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed the uninit-value access to imap allocated in the diMount function. The syzbot reports that hexdumptobuffer uses uninit-value: ===================================================== BUG: KMSAN: uninit-value in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: Prevent A-MSDU attacks in mesh networks This patch is a mitigation measure to prevent the A-MSDU spoofing vulnerability in mesh networks. The initial update to the IEEE 802.11 standard, in response to FragAttacks, overlooke...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: A race condition between handleposixcputimers and posixcputimerdel has been fixed. If a task that exits without autoreaping has already called exitnotify and calls handleposixcputimers from the IRQ, it can be...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fixed null pointer dereferencing in pidfffindfields This function triggered a null pointer dereference if it was used to search for a report that wasn’t implemented on the device. This occurred both for optional and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fixed a device reference count leak in atrtrcreate. When updating an existing route entry in atrtrcreate, the old device reference was not released before assigning the new device, resulting in a device reference...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: mptcp: make the fallback action and decision atomic. Syzkaller reported the following errors: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcpdofallback net/mptcp/protocol.h:1223 inline WARNING: CPU: 1 PID: 7704 at...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
A transient execution vulnerability in some AMD processors may allow an attacker to extract data from previous memory stores, potentially leading to the leakage of privileged information...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: drm/v3d: Disabling interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which can lead to GPU hangs and NULL pointer dereferencing in an interrupt context, as shown in the following...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: bcache: fixed a NULL pointer in cachesetFlush 1. LINE1794 – LINE1887 contains code related to the function of bchcachesetalloc. 2. LINE2078 – LINE2142 contains code related to the function of registercacheset. 3. The...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra-host migration if vCPU creation is in progress Migrations of SEV-ES state are rejected if either the source or destination VM is actively creating a vCPU. This occurs when the kvmvmioctlcreatevcpu...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
A transient execution vulnerability in some AMD processors may allow an attacker to extract data from the L1D cache, potentially leading to the leakage of sensitive information across privileged boundaries...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
Improper initialization of the CPU cache memory could allow a privileged attacker with access to the hypervisor to overwrite the SEV-SNP guest memory, resulting in loss of data integrity...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: rose: Fixed dangling neighbor pointers in rosertdevicedown. There are two bugs in rosertdevicedown that can lead to use-after-free situations: 1. The loop variable t-count is modified within the loop, which can cause the loop ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a race condition when updating an existing write request. After the nfslockandjoinrequests function checks whether the request is still attached to the mapping, nothing prevents a call to nfs inoderemoverequest from...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutexunlock&ep-mtx; afterwards. That's very wrong, because it can lead to a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RCU: Protect - deferqsiwpending from data race On kernels built with CONFIGIRQWORK=y, when rcureadunlock is invoked within a code region where interrupts are disabled 1, it will invoke rcureadunlockspecial, which uses an irq-work...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy-probe routine aarpproxyprobenetwork sends a probe, releases the aarplock, sleeps, and then re-acquires the lock. During this period, a timer thread...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: This issue prevents OOB out-of-band reading during the parsing of the SS endpoint companion. The usbparsessendpointcompanion function checks the descriptor type before the length, thereby preventing a potential...