Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-af: Added validation before accessing cgx and lmac. With the addition of new MAC blocks such as CN10K RPM and CN10KB RPMUSX, LMACs are noncontiguous, and CGX blocks are also noncontiguous. However, during the RVU...

SUSE CVE-2026-45854

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - unregister only available algorithm EIP93 has an options register. This register indicates which crypto algorithms are implemented in silicon. Supported algorithms are registered on this basis...

PT-2026-43721

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the inside-secure/eip93 crypto component where the system attempts to unregister all crypto algorithms regardless of whether they are implemented in the hardware...

CVE-2026-43496

In the Linux kernel, the following vulnerability has been resolved: net/sched: schred: Replace direct dequeue call with peek and qdiscdequeuepeeked When red qdisc has children eg qfq qdisc whose peek callback is qdiscpeekdequeued, we could get a kernel panic. When the parent of such qdiscs eg...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: fixed the reserved memory setup Currently, RISC-V sets up reserved memory using the “early” copy of the device tree. As a result, when trying to access a reserved memory region using ofreservedmemlookup, the pointer to the...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed the issue where NULL sndbufdesc was used in smccdctxhandler. When performing a stress test on SMC-R using the rmmod mlx5ib driver during the wrk/nginx test, we found that there is a possibility of triggering a pani...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: Core: Prevent panic during UVC unconfiguration Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget’s configuration. The panic involves a somewhat complex...

CVE-2026-43288

In the Linux kernel, the following vulnerability has been resolved: ext4: move ext4percpuparaminit before ext4mbinit When running kvm-xfstests -c ext4/1k -C 1 generic/383 with the DOUBLECHECK macro defined, the following panic is triggered:...

CVE-2026-43107

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Do not use BUGON in linktofixupdir. During error injection testing, the following panic occurred: Kernel BUG at fs/btrfs/tree-log.c:1862! Invalid opcode: 0000 1 SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Cleaning up a dangling pointer on the bind error path The mtkdrmBind function may fail, in which case drmdevPut is called, destroying the drmdevice object. However, a pointer to that object was still being held by t...

CVE-2026-31600

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Handle invalid large leaf mappings correctly It has been possible for a long time to mark ptes in the linear map as invalid. This is done for secretmem, kfence, realm dma memory un/share, and others, by simply clearing...

CVE-2026-31542

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCKEMPTY 0xffff. This causes a panic while allocating UV hub info structures. Fix this by using NUMANONODE, allowing UV hub info structur...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010889)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010889 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtasosterm It's unsafe to use rtasbusydelay to handle a busy...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005733)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005733 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005672 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfssb2badoffset Patch series nilfs2: fix UBSAN...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005644 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005665 advisory. In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a pstore/ram: Do not...

SUSE-SU-2026:0327-1 Security update for alloy

This update for alloy fixes the following issues: Update to 1.12.2: Security fixes: - CVE-2025-68156: github.com/expr-lang/expr/builtin: Fixed potential DoS via unbounded recursion bsc1255333: - CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: github.com/opencontainers/runc: Fixed container...