Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: ofproperty: Return error for intmap allocation failure The “ENOMEM” return value occurs when kcalloc fails to prevent a NULL pointer dereferencing in this case. bhelgaas: commit log...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/vmwgfx: Fixed the lifetime of the bo cursor memory. Cleanup operations can be performed while the atomic update is still active. This means that the memory acquired during the atomic update does not need to be invalidated ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed the issue of releasing pinned pages when iouaddrmap fails. Looking at the error path of iouaddrmap, if we fail to pin the pages for any reason, ret will be set to -EINVAL, and the error handler will not properly...

Astra Linux - уязвимость в linux, linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Check rcureadlockTraceheld before calling BPF map helpers. These three BPFmaplookup,update,deleteelem helpers are also available for sleepable BPF programs. Therefore, add the corresponding lock assertions for sleepable B...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr If some of the page allocations fail, we should not release the previous references to tho...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/vma: Fixed a memory leak in mmapregion. The commit 605f6586ecf7 “mm/vma: No memory leak occurs when .mmapprepare swaps the file” handled the success case by skipping the getfile call via filedoesntneedget, but missed the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve a full Gunyah metadata region. We have observed spurious “Synchronous External Abort” exceptions ESR=0x96000010 and kernel crashes on Monaco-based platforms. These faults occur due to the kernel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned flag...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Make kvmgetvcuByCPUid more robust The kvmgetvcuByCPUid function takes a cpuid parameter whose type is int; therefore, the cpuid value can be negative. To make this function more robust, let kvmgetvcuByCPUid return...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/tests: shmem: Holding the reservation lock around vmap/vunmap operations Acquiring and releasing the reservation lock of the GEM object during vmap and vunmap operations. The tests used vmaplocked, which caused errors such...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021553 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-021504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021504 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021539 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of lockedvm via exec When a vfio container is preserved across exec...

RHCOS 4 : OpenShift Container Platform 4.17.54 (RHSA-2026:17595)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17595 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021601)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021601 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvmedevdisable nvmedevdisable modifies the...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

GHSA-W4VJ-R5PG-3722 Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write)

Summary The screenshot/print proxy /proxy?data=… maintains a package-level assets mapstringMessageAssets cache, but reads the map without holding assetsMutex while a long-running cleanup goroutine and re-entrant CSS-rewriting code path concurrently write to it under the lock. When the...

Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write)

Summary The screenshot/print proxy /proxy?data=… maintains a package-level assets mapstringMessageAssets cache, but reads the map without holding assetsMutex while a long-running cleanup goroutine and re-entrant CSS-rewriting code path concurrently write to it under the lock. When the...

CLSA-2026-1779204107 php: Fix of 6 CVEs

CVE-2026-6722: fix stale SOAPGLOBAL refmap pointer with Apache Map GHSA-85c2-q967-79q5 - CVE-2026-7262: fix broken Apache map value NULL check in soap encoder GHSA-hmxp-6pc4-f3vv - CVE-2026-7568: fix signed integer overflow of char array offset in metaphone GHSA-96wq-48vp-hh57 - CVE-2026-7261:...