Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange The uarthandlectschange function must be called with the port locked. Since we execute it in a separate thread, the lock might not be acquired at the time of...

PT-2026-36391

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A spin lock/unlock mismatch exists in the dwc2 hsotg udc stop function. The dwc2 gadget exit clock gating function internally utilizes the call gadget macro, which requires hsotg-lock to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-006567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006567 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Grab sasdev lock when traversing the members of sasdev.list When freeing slots in...

CVE-2026-23179

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmettcplistendataready When the socket is closed while in TCPLISTEN a callback is run to flush all outstanding packets, which in turns calls nvmettcplistendataready with the skcallbacklock held. So we ne...

CVE-2025-71132

In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPTRT When smc91x.c is built with PREEMPTRT, the following splat occurs in FVPRevC: 13.055000 smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 13.062137 BUG: workqueue leaked...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper lock acquisition during a fallback, which could lead to a deadlock...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via a race condition in the acquire method. An attacker can cause lock operations to fail or behave unexpectedly by creating a symlink at the lock file path between the permission check and file creation. Remediation...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992511)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992511 advisory. In the Linux kernel, the following vulnerability has been resolved: mm,hugetlb: take hugetlblock before decrementing h-resvhugepages The h-hugepages counters are...

CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...

CVE-2025-40347 net: enetc: fix the deadlock of enetc_mdio_lock

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetcmdiolock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the read lock enetcmdiolock...

kernel: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp conn-chanlock isn't acquired before l2capgetchanbyscid, if l2capgetchanbyscid returns NULL, then 'bad unlock balance' is triggered...

PT-2025-41071

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to SCSI operations with the hisi sas driver. Specifically, a NULL pointer dereference can occur when freeing slots, potentially triggered during...

CLSA-2025-1757967705 kernel: Fix of 42 CVEs

x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 - aio: mark AIO pseudo-fs noexec CVE-2016-10044 - cifs:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper acquisition of a conditional lock, which could lead to a deadlock...

ALPINE-CVE-2025-1713

When setting up interrupt remapping for legacy PCI-X devices, including PCI-X bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock...

CVE-2025-1713 deadlock potential with VT-d and legacy PCI device pass-through

When setting up interrupt remapping for legacy PCI-X devices, including PCI-X bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock...

Xen 安全漏洞

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from an...

PT-2025-29026

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists in the has locked children function within the fs/fhandle.c file of the Linux kernel. The may decode fh function calls has locked children without acquiring the...

CVE-2025-37921

In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a VXLAN device in 'vnifilter' mode, the FDB entry associated with the default remote assuming one was configured is deleted without holding t...

kernel: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()

In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...