1245 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf: Fixed the refcount warning when incrementing event-mmapcount. When calling refcountinc&event-mmapcount within perfmmaprb, the following warning is triggered: c refcountt: Addition on 0; use-after-free. WARNING:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Binder: Fixed the issue where dereferencing the null-ptr variable occurred unexpectedly. Syzbot reported several issues introduced by commit 44e602b4e52f „binderalloc: added missing mmaplock calls when using VMA”. In these...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fixed a possible warning in privcmdioctlmmapresource. Since ‘kdata.num’ is a user-controlled data, if the user attempts to allocate memory larger than MAXORDER, then kcalloc will fail. This will also generate a stack...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: hwrng: core – Fix page fault deadlock on mmap-ed hwrng There is a dead-lock in the hwrng device read path. This occurs when the user reads from /dev/hwrng into memory, and at the same time, /dev/hwrng is also mapped into memory...
Linux Distros Unpatched Vulnerability : CVE-2026-31700
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer...
CVE-2026-31700
A flaw was found in the Linux kernel. A Time-of-check to Time-of-use TOCTOU race condition exists in the tpacketsnd function when PACKETVNETHDR is enabled. A local user can exploit this by modifying the vnethdr fields in the mmap'd TX ring buffer between validation and use, thereby bypassing safe...
EUVD-2026-26509
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer shared with userspace. The kernel validates the header via...
CVE-2026-31700 net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer shared with userspace. The kernel validates the header via...
CVE-2026-31700
Summary (CVE-2026-31700): In the Linux kernel, a TOCTOU race in tpacket_snd() when PACKET_VNET_HDR is enabled allows a user-space race on vnet_hdr fields between validation and use, bypassing safety checks. The vulnerability affects the mmap’d TX ring buffer where vnet_hdr points into user-contro...
CLSA-2026-1777614769 kernel: Fix of 13 CVEs
crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...
Linux Distros Unpatched Vulnerability : CVE-2026-31654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 mm/vma: do not leak memory when...
SUSE CVE-2026-31597
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
SUSE CVE-2026-31654
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...
CVE-2026-31597
A flaw was found in the Linux kernel's OCFS2 Oracle Cluster File System version 2 component. A local attacker could exploit a use-after-free vulnerability when filemapfault drops the mmaplock before returning VMFAULTRETRY. This allows a concurrent munmap operation to free a vmareastruct, leading ...
CVE-2026-31648
In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nrpages calculation overflow in filemapmappages When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange crash issues showing up as "Bad page state": " 734.496287 BUG: Bad...
CVE-2026-31654
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...
CVE-2026-31654
CVE-2026-31654 affects the Linux kernel mm/vma path for mmap-backed shared mappings (notably /dev/zero). The root cause was a memory leak: when __mmap_new_vma() fails after shmem_zero_setup_desc() allocates a replacement shmem file, that new file isn’t released in the error path, leaving an unref...
CVE-2026-31654
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...
CVE-2026-31654 mm/vma: fix memory leak in __mmap_region()
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...
EUVD-2026-25547
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...