LSN-120-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. In the Linux kernel, the...

SUSE CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

Linux Distros Unpatched Vulnerability : CVE-2026-46135

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp...

CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

CVE-2026-46135

CVE-2026-46135 affects the Linux kernel nvmet-tcp (NVMe over TCP). A race between ICReq handling and target‑side queue teardown can transition queue state in a non‑serialized way, potentially allowing a second teardown path and a re‑entry after a disconnect, including a possible double free scena...

CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

PT-2026-44258

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the nvmet-tcp module between the handling of Initialization Connection Requests ICReq and queue teardown. The function nvmet tcp handle icreq updates the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the handling of ICReq requests and queue removal in nvmet-tcp. This...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet: Potential UAF Use-after-Free errors can occur in nvmetreqComplete. The implementation of the nvmetarget-queueresponse operation may free the request passed as an argument. Such an implementation could potentially lead to a...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: Assign dhkey to NULL after kfreesensitive. ctrl-dhkey might be used across multiple calls to nvmetsetupdhgroup for the same controller. Therefore, it’s better to set it to NULL after a error-free release, in order to...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: Avoid scheduling association deletion twice. When forcibly shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls, and then nvmetdisableport. Both functions will eventuall...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: fixed an out-of-bounds access in nvmetenableport. When attempting to enable a port for which no transport is currently configured, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, resulting in an...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Do not restore null skstatechange. queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection is not established when nvmettcpsetqueuesock is called, then queue-statechange is not set, and...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet: A possible leak has been fixed when destroying a ctrl during qp establishment. In nvmetsqdestroy, we capture sq-ctrl early. If it is not NULL, we know that a ctrl was allocated during the admin connect request handling. We...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

kernel: nvmet: fix memory leak of bio integrity

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio-biintegrity. Since commit bf4c89fc8797 "block: don't call biouninit from...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: fixed a memory leak We forgot to free newmodelnumber...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmetctrlstateshow The cstsstatenames array only has six sparse entries, but the iteration code in nvmetctrlstateshow iterates seven, resulting in a potential out-of-bounds stack...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: Fixed a crash that occurs when a namespace is disabled. The percpu counter in the namespace is responsible for handling pending I/O operations. We can safely disable the namespace only after the counter drops to zero...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: A hang issue has been fixed in nvmettcplistendataready. When the socket is closed while in the TCPLISTEN state, a callback is executed to flush all outstanding packets. This execution then calls nvmettcplistendataready...