EUVD-2026-39899

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

UBUNTU-CVE-2026-53250

In the Linux kernel, the following vulnerability has been resolved: xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable by userspace. In xskskbmetadata, csumstart and csumoffset are read...

CVE-2026-53250

CVE-2026-53250 : In the Linux kernel, the xsk_skb_metadata() path is vulnerable to a TOCTOU race in which csum_start and csum_offset are read from shared UMEM and then read again for skb assignment. A malicious userspace process can overwrite values between reads, bypassing bounds checks and caus...

CVE-2026-53164

In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle and trailer. If the middle is empty because there are no aligned pages ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap and is not reassigned. The...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: fixed page frag corruption upon a page fault. Steffen reported a corruption of the TCP stream for HTTP requests served by the Apache web-server, using a CIFS mount-point and the corresponding file’s memory mapping. The root...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 “arm: extend pfnvalid to take into account freed memory map alignment” changes the semantics of pfnvalid to check the presence ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: Fixed the issue of loading 64-bit NOMMU kernels beyond the start of RAM. The commit 3335068f8721 “riscv: Use PUD/P4D/PGD pages for the linear mapping” added logic to allow using memory below the kernel’s load address...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: regulator: stm32-pwr: fix ofiomap leak Suggestions: - In the file drivers/regulator/stm32-pwr.c at line 166, the function stm32pwrregulatorprobe generates a warning: “The ‘base’ from ofiomap is not released.” This issue occurs wh...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: Fixed page mapping issues when vmareaallocpages uses high-order allocation modes with an order of 0 as the default. The vmappagesrangenoflush function assumes that the pages argument contains pages with the same page...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the virtual address and size of the userq buffer. It is necessary to validate the virtual address of the userq object to determine whether it is resident in a valid vm mapping...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat the remaining value being equal to 0 as an error in findandmapuserpages. Currently, if findandmapuserpages receives a DMA transfer request from the user with a length field set to 0, or in a rare case, when the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fixed DMA-API usage issues The use of the DMA-API function dmamapsingle was corrected to obtain the DMA address of the transfer buffer, instead of using virttophys for conversion. This fixes the following DMA-A...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fixed the BUGON in mmapPROTWRITE, MAPPRIVATE. A lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flags, causing a kernel panic due to BUGON i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: The issue of using NULL for folio handling in movepageshugepmd has been fixed. movepageshugepmd handles UFFDIOMOVE operations for both normal THPs and huge zero pages. For the huge zero page, srcfolio is explicitly...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

Guests running on Arm can cause Denial of Service DoS attacks on Dom0 through PV devices. When mapping memory pages of guests on Arm, Dom0 uses an rbtree to keep track of the foreign mappings. The update of this rbtree does not always occur completely with the relevant lock held, resulting in a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: crypto: qat – fix DMA transfer direction When CONFIGDMAAPIDEBUG is enabled, during the execution of the crypto self-test for QAT crypto algorithms, the function adddmaentry reports a warning indicating that overlapping mapping...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevents VMA splitting of buffer mappings. The perfmmap code is careful to map the user page using mmap along with the ringbuffer and the auxiliary buffer, when the event supports this. Once the first mapping is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/gpusvm: fixed the usage of hmmpfntomaporder Handled the case where the hmm range partially covers a large page such as 2M. Otherwise, we might end up doing something unpleasant, such as mapping memory that is outside the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Corrected the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting; otherwise, the DMA core will report the following warning. Before finalizing this solution,...