Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fixed AUX buffer serialization. Ole reported that the event-mmapmutex is strictly insufficient to serialize the AUX buffer. To serialize it properly, a per-RB mutex should be added. Note that the lock order comment stat...

CVE-2026-43353

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...

CVE-2026-43353 i3c: mipi-i3c-hci: Fix race in DMA ring dequeue

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...

Linux Distros Unpatched Vulnerability : CVE-2026-43353

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same...

EUVD-2026-24825

In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...

SUSE CVE-2026-23186

In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fix deadlocks related to acpipowermeternotify The acpipowermeter driver's .notify callback function, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks in sysfs...

UBUNTU-CVE-2026-23186

In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fix deadlocks related to acpipowermeternotify The acpipowermeter driver's .notify callback function, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks in sysfs...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47141)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47141 advisory. - In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access...

CVE-2025-71074

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...

UBUNTU-CVE-2025-71074

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...

CVE-2025-71074 functionfs: fix the open/removal races

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...

CVE-2025-71074 functionfs: fix the open/removal races

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...

CVE-2025-71074

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...

PT-2026-2595

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the functionfs implementation, specifically in the ffs epfile open function. This condition can occur when a file is opened and removed concurrently,...

PT-2025-46605

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a data race condition in the SCSI UFS core related to CPU latency PM QoS request handling. The cpu latency qos add, cpu latency qos remove, and cpu latency qos...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989897 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: serialize hash resizes and cleanups Syzbot was able to trigger the followin...

AZL-61685 CVE-2025-22062 affecting package kernel for versions less than 6.6.92.2-1

In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in procsctpdoudpport We must serialize calls to sctpudpsockstop and sctpudpsockstart or risk a crash as syzbot reported: Oops: general protection fault, probably for non-canonical address...

UBUNTU-CVE-2022-49755

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch, there is a possibility that the process of ffsep0write/ffsep0read get into a race condition due to ep0req being freed up from...

SUSE CVE-2022-49195

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic on shutdown if multi-chip tree failed to probe DSA probing is atypical because a tree of devices must probe all at once, so out of N switches which call dsatreesetuproutingtable during probe, for N - 1 of them...

CVE-2022-49607

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perfeventsetoutput and perfmmapclose Yang Jihing reported a race between perfeventsetoutput and perfmmapclose: CPU1 CPU2 perfmmapclosee2 if atomicdecandtest&e2-rb-mmapcount // 1 - 0 detachrest =...