239 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53333
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/mincore: handle non-swap entries before !CONFIGSWAP guard mincoreswap also fields migration/hwpoison entries and shmem swapin-error entries, which can exist ...
CVE-2026-53333
In the Linux kernel, the following vulnerability has been resolved: mm/mincore: handle non-swap entries before !CONFIGSWAP guard mincoreswap also fields migration/hwpoison entries and shmem swapin-error entries, which can exist on !CONFIGSWAP builds when CONFIGMIGRATION or CONFIGMEMORYFAILURE is...
UBUNTU-CVE-2026-53333
In the Linux kernel, the following vulnerability has been resolved: mm/mincore: handle non-swap entries before !CONFIGSWAP guard mincoreswap also fields migration/hwpoison entries and shmem swapin-error entries, which can exist on !CONFIGSWAP builds when CONFIGMIGRATION or CONFIGMEMORYFAILURE is...
EUVD-2026-40967
In the Linux kernel, the following vulnerability has been resolved: mm/mincore: handle non-swap entries before !CONFIGSWAP guard mincoreswap also fields migration/hwpoison entries and shmem swapin-error entries, which can exist on !CONFIGSWAP builds when CONFIGMIGRATION or CONFIGMEMORYFAILURE is...
Linux Distros Unpatched Vulnerability : CVE-2026-53207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursi...
mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison
...
CVE-2026-53207
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
CVE-2026-53207 mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
EUVD-2026-39298
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
CVE-2026-53207
The CVE-2026-53207 issue affects the Linux kernel mm/memory-failure path, where concurrent MADV_HWPOISON calls on the same hugetlb page can deadlock the non-recursive hugetlb_lock. The root cause is a sequence where a GUP reference is dropped under the hugetlb_lock, allowing free_huge_folio to re...
CVE-2026-53207
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
CVE-2026-53207
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
PT-2026-52303
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A recursive spinlock self-deadlock AA deadlock can occur on hugetlb lock when two concurrent madviseMADV HWPOISON calls are made on the same hugetlb page while racing with a concurrent...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ACPI: APEI: Send SIGBUS to the current task if a synchronous memory error is not recovered. If a synchronous error is detected due to a user-space process triggering a 2-bit uncorrected error, the CPU will raise an exception,...
CVE-2025-71313 PCI: endpoint: Add missing NULL check for alloc_workqueue()
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fixed a deadlock that occurred when hugetlboptimizevmemmap was enabled. When I performed hard offline tests with hugetlb pages, a deadlock occurred as follows:...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Make sure to wait for page writeback in memoryfailure. Our syzkaller triggers "BUGON!listempty&inode-iwblist" in clearinode: - Kernel bug at fs/inode.c:519! - Internal error: Oops – Bug: 0 1 SMP - Modules linke...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/mm: The handling of VMFAULTHWPOISON in doexception has been fixed. There is no support for HWPOISON, MEMORYFAILURE, or ARCHHASCOPYMC on s390. Therefore, we do not expect to see VMFAULTHWPOISON in doexception. However, since...
OPENSUSE-SU-2026:20769-1 Security update for mozjs115
This update for mozjs115 fixes the following issues: Changes in mozjs115: - CVE-2026-32776: Fixed a NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728 - CVE-2026-32777: Fixed a denial of service due to infinite loop in DTD...
SUSE-SU-2026:1817-1 Security update for mozjs60
This update for mozjs60 fixes the following issues - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. - CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing...