176 matches found
CVE-2026-53326
The CVE-2026-53326 issue affects the Linux kernel (debugobjects) on ARM64 PREEMPT_RT builds during early boot. The root cause was attempting to fill a pool within hardirq context before the scheduler is enabled, potentially causing a deadlock when a hard interrupt hits a lock-protected allocation...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/shtmu: Always leave the device running after a probe. The TMU device can be used both as a clocksource and as a clockevent provider. The driver attempts to manage its own power state and clock settings—turning...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Added SRCU protection for reading PDPTRs in getsregs2. Added read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigger access to guest memory: kvmpdptrread - svmcachereg - loadpdptrs ...
SUSE CVE-2026-46304
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...
CVE-2026-46304
MODE C: The CVE-2026-46304 entry centers on the Linux kernel nvmet subsystem. The vulnerability stems from nvmet_tcp_release_queue_work() running on the nvmet-wq and possibly dropping the final controller reference through nvmet_cq_put(), which can trigger nvmet_ctrl_free() and flush ctrl->asy...
CVE-2026-46304
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...
CVE-2026-46304 nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...
PT-2026-47375
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the NVMe target controller teardown process where a recursive workqueue flush can occur. Specifically, the nvmet tcp release queue work function runs on the nvmet-wq...
CVE-2026-46252
A flaw was found in the Linux kernel's regulator core. Incorrect handling of locking in the regulatorresolvesupply function's error path can trigger a lockdep warning. This issue may allow for concurrent access problems, potentially leading to system instability or a denial of service DoS conditi...
CVE-2026-46252 regulator: core: fix locking in regulator_resolve_supply() error path
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix locking in regulatorresolvesupply error path If late enabling of a supply regulator fails in regulatorresolvesupply, the code currently triggers a lockdep warning: WARNING: drivers/regulator/core.c:2649 at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: moving async event work off nvmet-wq For the target function nvmetctrlfree, the variable ctrl-asynceventwork is flushed. If nvmetctrlfree runs on nvmet-wq, the flush re-enters the workqueue completion for the same worker. ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: kcm: fixed the order of calls to strpinit and cleanup. strpinit is called just a few lines above this csk-skuserdata check. It also initializes strp-work, etc. Therefore, there’s no need to call strpdone to cancel the newly...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fixed a race condition involving VMA iteration and mmstruct teardown. The exitmmap function will tear down the VMAs and the maple tree, provided that the mmaplock is held in write mode. Ensure that the maple tree remains...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000 – Fixed RCU usage in the connect path. With lockdep enabled, calls to the connect function from the cfg802.11 layer lead to the following warning: ============================= WARNING: Suspicious RCU usage...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix lockdep warning during rmmod The commit under the Fixes tag added a netdevassertlocked in bnxtfreentpfltrs. The lock should be held during normal run-time but the assert will be triggered see below during bnxtremoveon...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/Mellanox: mlxbf-pmc – added sysfsattrinit to countClock initialization. The lock-related debugging logic CONFIGLOCKSTAT in the kernel issues the following warning when the BlueField-3 SOC is booted: BUG: The key...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mm/khugepaged: fixed -anonvma race condition If an -anonvma is attached to the VMA, the collapseandfreepmd function requires it to be locked. Page table traversal is allowed under either the mmap lock, the anonvma lock if the...
SUSE CVE-2026-43285
In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...
SUSE CVE-2026-43227
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/shtmu: Always leave device running after probe The TMU device can be used as both a clocksource and a clockevent provider. The driver tries to be smart and power itself on and off, as well as enabling and...
UBUNTU-CVE-2026-43285
In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...