Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not allow SETID to refer to another table. When performing lookups for sets within the same batch using their IDs, a set from a different table can be used. However, when the table is removed, a reference ...

PT-2026-47379

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the scpsys get bus protection legacy function. The of find node with property function returns a device node with an incremented reference count, but of...

SUSE CVE-2026-46172

In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...

CVE-2026-46172

In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...

CVE-2026-46172

** CWE-XXXX**: CVE-2026-46172 affects the Linux kernel IPv6 xfrm6 path. The issue occurs in xfrm6_rcv_encap() during an IPv6 route lookup when a dst is not yet attached; ip6_route_input_lookup() can return a dst with an error, and if dst->error is set, the skb is dropped without attaching/rele...

Linux Distros Unpatched Vulnerability : CVE-2026-31666

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix incorrect return value after changing leaf in lookupextentdataref After commit 1618aa3c2e01 btrfs: simplify return variables in lookupextentdataref,...

CVE-2026-31666

A flaw was found in the Linux kernel's btrfs filesystem. An incorrect return value in the lookupextentdataref function can lead to the system believing a lookup succeeded when it did not. This can cause operations to be performed on the wrong extent tree item, potentially resulting in data...

OESA-2026-1567 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect...

btrfs: scrub: handle RST lookup error correctly

...

PT-2025-20832

Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified Description: The issue concerns file existence tests via socket lookup error messages, potentially affecting the screen package in Debian Linux. No information is provided about the estimated numbe...

AZL-52979 CVE-2024-49932 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT e.g. due to preallocated extents not being...

CVE-2024-41067

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: handle RST lookup error correctly BUG When running btrfs/060 with forced RST feature, it would crash the following ASSERT inside scrubreadendio: ASSERTsectornr nrsectors; Before that, we would have tree dump from...

UBUNTU-CVE-2024-41067

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: handle RST lookup error correctly BUG When running btrfs/060 with forced RST feature, it would crash the following ASSERT inside scrubreadendio: ASSERTsectornr nrsectors; Before that, we would have tree dump from...

CVE-2024-41067 btrfs: scrub: handle RST lookup error correctly

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: handle RST lookup error correctly BUG When running btrfs/060 with forced RST feature, it would crash the following ASSERT inside scrubreadendio: ASSERTsectornr nrsectors; Before that, we would have tree dump from...

CVE-2024-35936

A flaw was found in the Linux kernel’s btrfs module. An unhandled chunk tree lookup error in the btrfsrelocatesyschunks function in the fs/btrfs/volumes.c file will cause a denial of service...

CVE-2024-35936

CVE-2024-35936. In the Linux kernel, the btrfs relocation code (btrfs_relocate_sys_chunks) contains an unhandled corruption case in its chunk-tree lookup loop. The issue arises from two theoretically impossible conditions: (1) an inexact search yields a key with offset -1 for a chunk-tree item, a...

CVE-2024-35936 btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in btrfsrelocatesyschunks loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to lo...

CVE-2024-35936 btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in btrfsrelocatesyschunks loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to lo...

DEBIAN-CVE-2023-52693

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpigetparent called in acpivideodevregisterbacklight fails, for example, because acpiutacquiremutex fails inside acpigetparent, this can lead to incorre...

UPX 缓冲区错误漏洞

UPX is a portable and extensible executable compression program. A security vulnerability exists in UPX, which stems from an issue in function PackLinuxElf32::elflookup in plxelf.cpp:5349 that causes the generic pointer p to point to an inaccessible address in func getle32...