Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw89: wow: fixed the GTK offload H2C skbuff issue We mistakenly considered skb to be too large, which might have exceeded skb-end. Therefore, we have corrected this issue. skbuff: skboverpanic: text:ffffffffc09e9a9d...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fixed a panic that occurred due to NULL-PMD in hugepteoffset. ERROR INFO: CPU 25: Unable to handle the kernel paging request at virtual address 0x0. … Call trace: hugepteoffset+0x3c/0x58 hugetlbfollowpagemask+0x74/0x43...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: Set UXN on swapper page tables This issue was accidentally fixed upstream via c3cee924bd85 "arm64: head: cover the entire kernel image in the initial ID map", as part of a major refactoring of the arm64 boot flow. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a crash that occurs when re-plugging CSR fake controllers. It seems that fake CSR 5.0 clones can cause the suspend notifier to be registered twice, resulting in the following kernel panic: 71.986122 Call Trace...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, hsr: rejecting HSR frames if skb cannot hold the tag. Receiving an HSR frame with insufficient space to hold the HSR tag in the skb can result in a crash kernel bug. 45.390915 skbuff: skbunderpanic:...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix the return value of f2fsconvertinlineinode If the device is read-only, make f2fsconvertInline inode return EROFS instead of zero. Otherwise, a panic may occur during the writing of the dirty pages of the inline inode, a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipvs: Fixed the NULL dereference in the error path of ipvsaddservice. When ipvsbindscheduler successfully calls ipvsaddservice, the local variable sched is set to NULL. If ipvsstartestimator subsequently fails, the cleanup code...

Astra Linux - уязвимость в rustc

In the standard library of Rust before version 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics under certain conditions. This bug could lead to a memory safety violation due to an unmet...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: USB: Fixed various issues related to devices connected via 10Gbps cables. The function usbassigndescriptors is called with 5 parameters. The last 4 of these parameters represent USB descriptor headers for the following speeds: -...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: e1000e: Replace usleeprange with udelay in PHY mdic access. This is a partial revert of commit 6dbdd4de0362 “e1000e: Workaround for sporadic MDI errors on Meteor Lake systems”. The referenced commit used usleeprange within the PH...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-test: Add a NULL check for DMA channels before releasing them. The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after EPF initialization. Therefore, it is prudent to check that...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: DSA: Fix for a panic upon shutdown if the multi-chip tree fails to probe. DSA probing is atypical because the device tree must probe all devices at once. Thus, out of N switches that call dsatreesetuproutingtable during...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fixed a panic that occurs when the ipoib sendqueuesize is increased beyond the default value. When the ipoib sendqueuesize is increased, the following panic occurs: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fixed a kernel panic that occurred during PIO transfers. Attempting to initiate a new PIO transfer by setting the PIOSTART register to 0, when the previous transfer has not yet completed indicated by a value of 1 i...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fixed the kernel panic caused by incorrect error handling. The error path when failing to register devices on the TEE bus contains a bug that leads to kernel panic. The details are as follows: 15.398930 Unable to hand...

Astra Linux - уязвимость в golang-1.19

Large handshake records can cause panics in the crypto/TLS context. Both clients and servers may send large TLS handshake records, which can cause both servers and clients to panic when attempting to construct responses. This issue affects all TLS 1.3 clients, TLS 1.2 clients that explicitly enab...

Astra Linux - уязвимость в udisks2

A vulnerability has been discovered in udisks2. This flaw allows an attacker to submit a specially crafted image file/USB, resulting in kernel panic. The greatest threat posed by this vulnerability is to system availability...

Linux Distros Unpatched Vulnerability : CVE-2026-43335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynam...

Linux Distros Unpatched Vulnerability : CVE-2026-43410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL,...

Amazon Linux 2023 : runfinch-finch (ALAS2023-2026-1671)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1671 advisory. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. CVE-2025-47913 Arithmetic over induction variables in loops...