CVE-2026-46183

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can also be indirectly read, for the parameters on,offline committing to...

UBUNTU-CVE-2026-45915

In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls dropnlinkdir and can drive inlink...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtiopci: Fixed the cleanup of admin vq by using the correct info pointer. The functions vpmodernavqcleanup and vpdelvqs clean up admin vq resources using the virtiopcivqinfo pointer. The info pointer for admin vq is stored in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not skip expired elements during the walk. There is an asymmetry between the commit/abort phase and the preparation phase if the following conditions are met: 1. set is a verdict map “1.2.3.4 : jump foo”. ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: sched: Fixed schednumafindnthcpu when the mask is offline. schednumafindnthcpu uses bsearch to find the “closest” CPU in scheddomainsnumamasks, given a CPU mask. However, the CPUs in the mask might not intersect if all CPUs in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is validated by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: media: atomisp: Fixed a stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable, and the EFI variable is larger than the expected buffer size, two behaviors combine to cause a stack buffer...

EUVD-2026-28778

In the Linux kernel, the following vulnerability has been resolved: unshare: fix unsharefs handling There's an unpleasant corner case in unshare2, when we have a CLONENEWNS in flags and current-fs hadn't been shared at all; in that case copymntns gets passed current-fs instead of a private copy,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: nixge: fixed NULL dereference issue. In the function nixgehwdmabdrelease, dereferencing a NULL pointer priv-rxbdv could occur in the case of allocation failure in nixgehwdmabdinit. The move operation and the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: peakpci: peakpciremove: fix UAF When remove the module peekpci, referencing 'chan' again after releasing 'dev' will cause UAF. Fix this by releasing 'dev' later. The following log reveals it: 35.961814 BUG: KASAN:...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: setpageextentmapped after readfolio in btrfscontexpand While trying to get the subpage blocksize tests running, I hit the following panic on generic/476 assertion failed: PagePrivatepage && page-private, in...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: virtioconsole: removed the anonymous moduleinit and moduleexit functions. These anonymous functions can cause confusion or ambiguity when reading the System.map file, or during crashes/oops/bugs situations, or in the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpuregssmc file could result in an abnormal null pointer access when the smcrreg pointer is NULL...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csumstart and offset in virtionethdr Tighten csumstart and csumoffset checks in virtionethdrtoskb for GSO packets. The function already checks that a checksum requested with VIRTIONETHDRFNEEDSCSUM is in skb...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use copyfromkernelnofault to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to handle page fault for address:...

SUSE CVE-2026-23352

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

SUSE CVE-2026-23159

In the Linux kernel, the following vulnerability has been resolved: perf: sched: Fix perf crash with new isusertask helper In order to do a user space stacktrace the current task needs to be a user task that has executed in user space. It use to be possible to test if a task is a user task or not...

CVE-2026-23124

CVE-2026-23124 is a Linux kernel IPv6 data-race issue in ndisc_router_discovery() where reads/writes to in6_dev->ra_mtu occur without proper synchronization. The race can occur during router advertisement MTU handling (mtu checks are noted but not yet enforced); the fix adds READ_ONCE()/WRITE_...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000589)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000589 advisory. Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000895)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000895 advisory. Buffer overflow in the ozcdevwrite function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or...