Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fixed the race condition involving the deleteendpoint function and the unregistration of parent ports. The CXL subsystem establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the xarray locking mechanism in nfsnetfsissueread for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts during the iteration of pages in the xarray to perform NFS reads. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thermal/debugfs: Fixed two locking issues related to the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone before the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: The code correctly moves the list within scdisable. Commit 13bac861952a “IB/hfi1: Fix the abba locking issue with scdisable”. However, the code incorrectly attempts to move a list from one list head to another. This...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written to 0xffff88813a80c832, which is 1 byte, by task 3771 on CPU 0: mldifcstopwork in net/ipv6/mcast.c:1080 inline ipv6mcdown+0x10a/0x280 in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: Locking is provided for v4endgrace. Writing to v4endgrace can cause a race condition with server shutdown, resulting in memory being accessed after it has been freed—especially in the case of reclaimstrhashtbl. We cannot ho...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: The release path is checked before inode lookup during the ino lookup ioctl operation. During the ino lookup ioctl operation, we may call btrfsiget to obtain an inode reference while we are holding onto the root’s btree...

Astra Linux - уязвимость в linux, linux-5.10

In ipcheckmcrcu of igmp.c, there is a potential use after free due to improper locking. This could lead to a local escalation of privileges when opening and closing inet sockets, without the need for additional execution privileges. User interaction is not required for exploitation. Product:...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In multiple functions of iouring.c, there is a possibility of kernel memory corruption due to improper locking. This could lead to a local escalation of privileges in the kernel, as execution privileges are required. User interaction is not necessary for exploiting this vulnerability...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: dma: xilinxdpdma: Fixing locking issues There are several places where either chan-lock or chan-vchan.lock was not held. Appropriate locking measures were added. This fixes lockdep warnings such as: 31.077578 ------------ Cut...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A denial-of-service issue was detected, possibly due to a recursive locking scenario, which led to a deadlock in the tableclear function in drivers/md/dm-ioctl.c within the Linux Kernel Device Mapper-Multipathing sub-component...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: nvmet-tcp: fixed incorrect locking in the statechange sk callback We are not changing anything in the TCP connection state, so we should not use a writelock but rather a read lock. This caused a deadlock when running nvmet-tcp...

Astra Linux - уязвимость в linux-5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed the issue of locking in the ieee80211startap error path. We need to hold the local-mtx to release the channel context; this is even encoded in the lockdepassertheld function. Fix this issue...

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound from 1.14.0 to 1.25.0 contain security vulnerabilities. These vulnerabilities stem from inconsistent locking mechanisms, and under certain conditions, they may lead to heap reclamation...

PT-2026-42135

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions 1.14.0 through 1.25.0 Description A locking inconsistency occurs when specific conditions are met: the system is multi-threaded, an RPZ Response Policy Zone XFR Zone Transfer reload is performed, and an RPZ zone...

Linux Distros Unpatched Vulnerability : CVE-2026-44608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met multi-threaded, RPZ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021642 advisory. In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021607 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021597)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021597 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd...