2417 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses a guard mutex to protect the device structure. However, the device is freed before the mutex cleanup runs, causing mutexunlock to opera...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mfd: core: Added locking around ‘mfdofnodelist’. Manipulating a list in the kernel is not safe without some form of mutual exclusion mechanism. Add a mutex whenever we access or modify ‘mfdofnodelist’ to prevent potential crashes...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: mm/memfd: Fixed an issue where information leaks occurred during the handling of hugetlb folios. When allocating hugetlb folios for memfd, three initialization steps are missing: 1. The folios are not zeroed, resulting in kern...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: GPU: host1x – Fixed a race condition in syncptalloc and syncptfree. A race condition occurred between host1xsyncptalloc and host1xsyncptPut, which was addressed by using krefPutMutex instead of krefPut plus manual mutex locking...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: nfsd: Check that the server is running in unlockfilesystem. If we try to unlock the filesystem via an administrative interface, and nfsd is not running, it will cause the server to crash. This occurs currently because the...
CVE-2026-52936
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
UBUNTU-CVE-2026-52936
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
CVE-2026-52936
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
EUVD-2026-38706
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
CVE-2026-52936
The CVE-2026-52936 vulnerability affects the Linux kernel’s jitterentropy path. Specifically, jent_kcapi_random() serialized the shared jitterentropy state while holding a spinlock during jent_read_entropy(), causing contention and stalls due to expensive entropy collection and SHA3 conditioning....
CVE-2026-52936
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
PT-2026-51885
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the pressure write operation and the cgroup file release process. This occurs because the priv member of the struct kernfs open file is not sufficiently...
Linux Distros Unpatched Vulnerability : CVE-2026-52936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock acros...
PT-2026-51729
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The jent kcapi random function serializes the shared jitterentropy state by holding a spinlock during the jent read entropy call. Because this process involves expensive jitter collectio...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: Core: Prevent panic during UVC unconfiguration Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget’s configuration. The panic involves a somewhat complex...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: The issue related to the use of mutexes in the IRQs-disabled section has been fixed. The current imc-pmu code triggers a warning when CONFIGDEBUGATOMICSLEEP and CONFIGPROVELOCKING are enabled, while a threadimc...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm: A use-after-free issue in drmgetunique has been fixed. There is a time-of-check-to-time-of-use error in drmgetunique, caused by retrieving fpriv-master before locking the device’s master mutex. An example of this error can b...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written without proper locking. Originally reported by syzbot 1. This issue was fixed by encapsulating calls to mldifcstopwork and mldgqstopwork...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Converted spinlock to mutex to lock the evlworkqueue. drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: configfs: A race condition in configfs,unregistersubsystem has been fixed. When configfsregistersubsystem or configfsunregistersubsystem executes linkgroup or unlinkgroup, it is possible for two processes to add or delete element...