Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/intel: Fixed an access error when accessing the IA32PMCxCFGB MSRs When running perffuzzer on PTL, sometimes the “unchecked MSR access error” is observed when accessing the IA32PMCxCFGB MSRs. 55.611268 Unchecked MSR...

CVE-2026-46014

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

CVE-2026-46014 KVM: SVM: Add missing save/restore handling of LBR MSRs

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fixed an unchecked MSR access error related to HSW. The fuzzer triggers the following trace: 7763.384369 Unchecked MSR access error: WRMSR to 0x689 attempted to write 0x1fffffff8101349e at rIP:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: KVM: VMX: Fixed a crash caused by uninitialized currentvmcs. KVM enables “Enlightened VMCS” and “Enlightened MSR Bitmap” when running as a nested hypervisor on top of Hyper-V. When the MSR bitmap is updated, the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Clear stagedconfig before and after it is used. As a temporary storage, stagedconfig in rdtdomain should be cleared before and after it is used. The stale value in stagedconfig could cause an MSR access error. Here i...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Loads the TSC multiplier of L1 based on L1’s state, not L2’s state. When emulating a nested VM-Exit, the TSC multiplier of L1 is loaded if L1’s desired ratio does not match the current ratio. This does not occur if L1’...

kernel-exploits

Kernel Exploits ppkey Kernels: 3.8.0, 3.8.1, 3...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013790 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013287)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013287 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Make sure GHCB is mapped before updating Access to the GHCB is mainly in the VMGEXIT pa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010829)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010829 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and...

CVE-2026-4483

An exposed IOCTL with an insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker wit...

CVE-2026-4483

The CVE-2026-4483 vulnerability affects the Moxa MxGeneralIo utility on industrial x86 computers. It exposes IOCTL interfaces that permit direct read/write access to MSR and system memory, creating a high-privilege local attack surface. According to the description, a local attacker with high pri...

SUSE CVE-2026-23113

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...

CVE-2026-23113

A flaw was found in the Linux kernel's iouring subsystem. When io-wq worker threads process extremely long-running I/O operations such as large reads from /dev/msr devices, the exit path may be delayed for an extended period because the IOWQBITEXIT flag is only checked before the work loop begins...

CVE-2026-23113

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...

UBUNTU-CVE-2026-23113

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...

CVE-2026-23113

CVE-2026-23113 affects the Linux kernel io-uring/io-wq component. The issue stems from not checking IO_WQ_BIT_EXIT in the io_worker_handle_work() loop, causing long exits when processing large pending reads (e.g., 2GB reads from /dev/msr* with >16MB per read). Evidence in the advisory shows th...

CVE-2026-23113 io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...

CVE-2026-23113

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...