Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fixed memory leaks in macvlancommonnewlink. kmemleak reports memory leaks in macvlancommonnewlink, as follows: c ip link add link eth0 name .. type macvlan mode source macaddr add kmemleak reports: - A unreferenced...

kernel: macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

kernel: macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

RHEL 8 : kernel (RHSA-2026:25533)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25533 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free speci...

EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-2371)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is...

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2400)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2293)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2336)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2247)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 nfsd: fix RELEASELOCKOWNERCVE-2024-26629 bonding: limit BONDMODE8023AD to...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2209)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 nfsd: fix RELEASELOCKOWNERCVE-2024-26629 bonding: limit BONDMODE8023AD to...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50262)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50262 advisory. - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344527 CVE-2026-43284 - x86/CPU/AMD: Add a fix for AMD-SB-7052...

Unbreakable Enterprise kernel security update

5.4.17-2136.355.3.1 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344527 CVE-2026-43284 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug: 39344576 CVE-2025-54518 5.4.17-2136.355.3 - crypto: algifaead - Fix minimum RX size check for decryption...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: macvlan: Enforces a consistent minimal MTU. The macvlan mechanism should enforce a minimal MTU of 68, even when creating a link. This patch avoids the current behavior which could lead to crashes in the IPv6 stack if the link is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: macvlan: The forgotten nlapolicy has been added for IFLAMACVLANBCCUTOFF. The previous commit 954d1fa1ac93, titled “macvlan: Add netlink attribute for broadcast cutoff”, added an additional attribute named IFLAMACVLANBCCUTOFF to...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: Bridge: Multicast packets must be confirmed before being passed up the stack. The conntrack/nfconfirm logic does not handle cloned skb objects that reference the same nfct entry. This issue occurs when dealing with...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50255)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50255 advisory. - crypto: algifaead - use memcpysglist instead of null skcipher Eric Biggers Orabug: 39292250 CVE-2026-31431 Tenable has extracted the preceding descriptio...

CLSA-2026-1777614954 kernel: Fix of 37 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

Unbreakable Enterprise kernel security update: Copy Fail

5.4.17-2136.354.4.2 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39292250 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292250 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292250 -...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-100 (ALASKERNEL-5.15-2026-100)

The version of kernel installed on the remote host is prior to 5.15.202-141.223. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-100 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indxfind to avoid...