Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Team: Replace the team lock with rtnl lock. Syszbot reports various ordering issues related to lower instance locks and team locks. It is recommended to use rtnl locks for protecting team devices, similar to bonding. This chan...

UBUNTU-CVE-2026-46287

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...

PT-2026-47359

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description An RTNL assertion warning occurs in the txgbe driver for copper NICs with an external PHY during module removal. This happens because the phylink disconnect phy function is called without t...

CVE-2026-46165

CVE-2026-46165 affects the Linux kernel openvswitch vport code, where a self-deadlock could occur on tunnel port release due to improper ordering between RCU callbacks and RTNL/normally synchronized code paths. The root cause: vports are protected by RCU and must have netdev_put() after the RCU g...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Detaching and closing netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and closing any netdevs in UP state until the reset handling is completed. During a reset,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: hibmcge: fix rtnl deadlock issue Currently, the hibmcge netdev acquires the rtnllock in pcierrorhandlers.resetprepare and releases it in pcierrorhandlers.resetdone. However, in the PCI framework: pciresetbus – pciresetslot –...

CVE-2026-43382

A flaw was found in the batman-adv module of the Linux kernel. This vulnerability occurs when the batadvvelpgetthroughput function attempts to acquire a network lock RTNL lock that is already held, particularly during the cancellation of a work queue item. This can lead to a deadlock, causing a...

CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

PT-2026-39043

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the batman-adv module when the batadv v elp get throughput function is called while the RTNL Routing Netlink lock is already held. This specifically happens when ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and config. Set...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Executing the ndosetrxmode callback within a work queue Commit 1767bb2d47b7 “ipv6: mcast: Do not hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP” removed the RTNL lock for these operations. However, this change...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: eth: alx: takes rtnllock when resuming. Zbynek reports that alx fails an RTNL assertion when resuming. RTNL: The assertion failed at net/core/dev.c 2891. RIP: 0010: netifsetrealnumtxqueues + 0x1ac/0x1c0. Call Trace: alxopen +...

SUSE CVE-2026-31579

In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. This causes a hung task when another thread holds rtnlmutex - the...

DEBIAN-CVE-2026-31579

In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. This causes a hung task when another thread holds rtnlmutex - the...

CVE-2026-31579

In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. This causes a hung task when another thread holds rtnlmutex - the...

PT-2026-34931

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the WireGuard component occurs because the wg netns pre exit function manually acquires rtnl lock within the .pre exit callback. This can lead to a hung task if another thread...

EUVD-2026-15351

In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled: 1362.049207 ledtriggerregister+0x5c/0x1fc...

SUSE CVE-2026-23203

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

CVE-2026-23175

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...