kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

EUVD-2026-25590

Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams...

kernel: crypto: algif_aead - Revert to operating out-of-place

A flaw was found in the Linux kernel's algifaead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive...

RHCOS 4 / 9 : OpenShift Container Platform 4.16.z (RHSA-2024:8418)

The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8418 advisory. - github.com/jaraco/zipp: Denial of Service infinite loop via crafted zip file in jaraco/zipp CVE-2024-5569 - Podman: Buildah:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mshv: Fixed a use-after-free in the mshvmapusermemory error path. In the error path of mshvmapusermemory, calling vfree directly on the region causes the MMU notifier to remain registered. When the user space later unmaps the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: io: The memory type of the user is extracted in ioremapprot. The only function that calls ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passes a pgprott value determined from the use...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: regulator: stm32-pwr: fix ofiomap leak Suggestions: - In the file drivers/regulator/stm32-pwr.c at line 166, the function stm32pwrregulatorprobe generates a warning: “The ‘base’ from ofiomap is not released.” This issue occurs wh...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: erofs: Fix for lz4 inplace decompression Currently, EROFS can map another compressed buffer for inplace decompression, which was used to handle cases where some pages of compressed data are not actually in-place I/O. However, lik...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fixed the BUGON in mmapPROTWRITE, MAPPRIVATE. A lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flags, causing a kernel panic due to BUGON i...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Corrected the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting; otherwise, the DMA core will report the following warning. Before finalizing this solution,...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/pagetablecheck: A crash occurred when checking ZONEDEVICE. Not all pages apply to the pgtable check. An example is ZONEDEVICE pages: they directly map PFNs, and they never allocate pageext, even if there’s a struct page around...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Correctly decodes TTLM with the default link map. The TID-to-link mapping TTLM elements do not contain any link mapping presence indicators when a default mapping is used, and parsing is skipped. It should be not...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed to avoid mapping the wrong physical block for the swapfile. Xiaolong Guo reported a bug related to f2fs in bugzilla 1. 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: “When using the stress-ng swap stress...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the virtual address and size of the userq buffer. It is necessary to validate the virtual address of the userq object to determine whether it is resident in a valid vm mapping...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: Handling of changes to the device’s DMA map requirements. The initial state of dmaneedsunmap might be false, but it becomes true during the DMA mapping process. Enabling swiotlb can affect the outcome in such cases...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: crypto: qat – fix DMA transfer direction When CONFIGDMAAPIDEBUG is enabled, during the execution of the crypto self-test for QAT crypto algorithms, the function adddmaentry reports a warning indicating that overlapping mapping...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the reference count leak in hnsrocemmap. The function rdmausermmapentrygetpgoff takes a reference. Added the missing function rdmausermmapentryput to release the reference. Acknowledged by Haoyue Xu...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fixed by using eswitch mapping in nic mode The cited patch uses the eswitch object mapping pool when in nic mode, where it is not initialized. This results in the following trace 0. Fixed by using either the nic or...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/gpusvm: fixed the usage of hmmpfntomaporder Handled the case where the hmm range partially covers a huge page such as 2M. Otherwise, we might end up doing something unpleasant, such as mapping memory that is outside the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed the issue where immediate work requests were flushed to the completion queue prematurely. The opcode of the send queue element was correctly set during the flushing of immediate work requests in the post-sendqueue...