Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fixed buffer overflow in the USB transport layer. There is a buffer overflow vulnerability in the USB 9pfs transport layer. In this case, inconsistencies in size validation between packet header parsing and actual data...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: 9p: Fixed the fid refcount leak in v9fsvfsgetlink. We now check for protocol versions that are later than required, after a fid has been obtained. Simply move the version check to an earlier stage...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/9p: A dedicated spinlock is used for transfd. I'm shamelessly copying the explanation from Tetsuo Handa’s suggested patch1 slightly reworded: syzbot reports inconsistent lock states in p9reqput2. For p9tagremove, when execute...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: 9p: Added missing locking around accessing the dentry fid list. Fixed a use-after-free issue when a thread accesses the dentry’s dfsdata fid list while another thread unlinks it from the dentry. UAF thread issues: - refcountt:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: 9p: Fixed the fid refcount leak in v9fsvfsatomicopendotl. We need to release the directory fid if we fail at any point during the open operation. This fix addresses the issue of fid leaking during xfstests with the generic test 5...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a NULL pointer dereferencing in netfsunbufferedwrite, when a write subrequest is marked as NETFSSREQNEEDRETRY. When the retry path in netfsunbufferedwrite calls stream-preparewrite without checking whether...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: Always use ONONBLOCK for read/write operations. The syzbot report indicates that tasks become hung at p9fdclose, due to p9muxpollstop. This occurs because p9connDestroy fails to interrupt kernelread/kernelwrite that...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a kernel bug in netfslimititer for ITERKVEC iterators. When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates an ITERKVEC iterator. This iterator calls netfsunbufferedwrite,...

SUSE CVE-2026-52906

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

Linux Distros Unpatched Vulnerability : CVE-2026-52906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb 9p: convert to the new mount API, v9fsapplyoptions applies parsed mount flags...

CVE-2026-52906

A flaw was found in the Linux kernel's 9p filesystem. When mounting, access mode flags were incorrectly combined instead of being replaced, leading to an invalid configuration. This issue causes root users to be unable to perform privileged operations like changing file ownership, effectively...

CVE-2026-52906

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

UBUNTU-CVE-2026-52906

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

CVE-2026-52906 9p: fix access mode flags being ORed instead of replaced

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

CVE-2026-52906

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

Astra Linux – Vulnerability in Qemu

A race condition flaw was discovered in the 9pfs server implementation of QEMU, up to and including version 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The greatest threat posed by this vulnerability is to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: net/9p: A potential socket leak has been fixed in p9socketopen. Both p9fdcreatetcp and p9fdcreateunix will call p9socketopen. If the creation of p9transfd fails, both p9fdcreatetcp and p9fdcreateunix will return an error...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021528)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021528 advisory. In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the...

EUVD-2026-27808

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen9pfsfrontfree against concurrent calls The xenwatch thread can race with other back-end change notifications and call xen9pfsfrontfree twice, hitting the observed general protection fault due to a double-free...

CVE-2026-43249

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen9pfsfrontfree against concurrent calls The xenwatch thread can race with other back-end change notifications and call xen9pfsfrontfree twice, hitting the observed general protection fault due to a double-free...