CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: Fix for NULL pointer dereference issue. When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which can lead to a NULL pointer dereference issue in adjustpte. It is not possible to handle...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed bugs related to non-PAGESIZE-end multi-iovec user SDMA requests. The processing of hfi1 user SDMA requests contains two bugs that can cause data corruption for user SDMA requests with multiple payload iovecs. In...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: The issue of losing the “young/dirty” bits during the pagemap scan has been fixed. The function makeuffdwpwppte used to perform these operations was previously executed as follows: c pte = ptepgetptep;...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mshv: Fixed a use-after-free in the mshvmapusermemory error path. In the error path of mshvmapusermemory, calling vfree directly on the region causes the MMU notifier to remain registered. When the user space later unmaps the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TESTIOVITER relies on MMU. Attempting to run the ioviter unit test on a nommu system, such as the qemu kc705-nommu emulation, results in a crash. KTAP version 1 Subtest: ioviter Module: kunitioviter 1..9 BUG:...

kernel security update

4.18.0-553.123.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1646)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1646 advisory. In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been...

Astra Linux - уязвимость в linux-5.10

A race condition was detected in the fs/proc/taskmmu.c file, which is part of the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privileges to cause a denial of service...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidaterangestart/end on mremapoldsize=0 If an mremap syscall with oldsize=0 ends up in movepagetables, it will call invalidaterangestart/invalidaterangeend unnecessarily, i.e. with an empty range...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Immediately reset the MMU context when the SMM flag is cleared The MMU context should be immediately reset when the SMM flag of the vCPU is cleared, so that the SMM flag in the MMU context is always synchronized with th...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr If some of the page allocations fail, we should not release the previous references to tho...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50232)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50232 advisory. - ipv6: use RCU in ip6xmit Eric Dumazet Orabug: 39202432 CVE-2025-40135 - dst: fix races in rt6uncachedlistdel and rtdeluncachedlist Eric Dumazet...

EUVD-2026-18669

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshvmapusermemory error path In the error path of mshvmapusermemory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires...

CVE-2026-23432

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshvmapusermemory error path In the error path of mshvmapusermemory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the mshvmapusermemory function to unregister the MMU notifier, allowing for reuse...

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

CVE-2026-23402

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...