155 matches found
CVE-2026-53162
In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...
CVE-2026-53153
CVE-2026-53153 affects the Linux kernel memcg list_lru path. A race during memcg_reparent_list_lrus() clears the dying memcg’s xarray entry before reparenting per-node lists, letting concurrent list_lru_del/walk operate on the parent and corrupt next/prev pointers. The fix reverses the order: rep...
SUSE CVE-2026-46121
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...
Linux Distros Unpatched Vulnerability : CVE-2026-46121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series mm/damon/sysfs- schemes: fix use-after-free for memcgpath. Reads of 'memcgpath'...
CVE-2026-46121
A flaw was found in the Linux kernel's DAMON Data Access MONitor sysfs interface. A race condition exists between read and write operations on the memcgpath and path files. This allows a local attacker, by performing concurrent reads and writes with separate file handles, to trigger a...
CVE-2026-46121
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...
UBUNTU-CVE-2026-46121
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...
EUVD-2026-32880
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...
CVE-2026-46121 mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...
PT-2026-44244
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the DAMON sysfs interface. Direct reads and writes of the memcg path and path files can race, as the write operation deallocates the buffer pointed to by...
CVE-2026-46067 mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...
CLSA-2026-1779375889 kernel: Fix of 95 CVEs
perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: memcgwriteeventcontrol: fixed a user-triggered oops. We do not guarantee that anything beyond the terminating NUL is mapped let alone initialized with anything sensible...
CLSA-2026-1773139548 kernel: Fix of 78 CVEs
fix: fbdev: fix potential buffer overflow in doregisterframebuffer - qed: Don't collect too many protection override GRC elements CVE-2025-39949 - drm/amd/display: Avoid a NULL pointer dereference CVE-2025-39693 - pNFS: Fix uninited ptr deref in block/scsi layout CVE-2025-38691 - netfilter:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/migratedevice: Do not add the “folio” to be freed to the LRU list during migratedevicefinalize. If the migration succeeds, we call foliomigrateflags-memcgroupmigrate to migrate the memcg from the old to the new “folio”. This...
CVE-2026-23219
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...
CVE-2026-23219 mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...
Linux Distros Unpatched Vulnerability : CVE-2026-23219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001496)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001496 advisory. A memory overflow vulnerability was found in the Linux kernels ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times,...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002255)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002255 advisory. The memory resource controller aka memcg in the Linux kernel allows local users to cause a denial of service deadlock by spawning new processes within a...