Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table By fixing socdevattr to register the SOC as a device, the kernel will encounter an OOPs error in socdevicematchattr. This quirks test was introduced in the staging driver in t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed the requirement that devices managed by PME polling must be in the RPMACTIVE state. The commit noted in the fixes added a spurious requirement that devices managed by runtime PM must be in the RPMACTIVE state for PME...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fixed an infinite loop in the IRQ handler upon a power fault. The Power Fault Detected bit in the Slot Status register differs from all other hot-plug events; it is “sticky” – it can only be cleared after turning off...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: igb: Cleanup in all error paths when enabling SR-IOV After commit 50f303496d92 “igb: Enabling SR-IOV after reinit”, removing the igb module could cause a hang or crash depending on the machine when the module was loaded with t...

CVE-2026-43161

A flaw was found in the Linux kernel's Intel IOMMU Input/Output Memory Management Unit virtual technology for directed I/O VT-d subsystem. When a PCIe Peripheral Component Interconnect Express endpoint device, especially when passed through to userspace applications like QEMU or DPDK, unexpectedl...

CVE-2026-43130

A flaw was found in the Linux kernel. When handling PCIe devices in scalable mode, the kernel may attempt to flush the device IOTLB Input/Output Translation Lookaside Buffer without verifying if the PCIe device is still accessible after a link-down fault. This improper handling during resource...

CVE-2026-43278

In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq-bio values have been observed to cause double-initialization of cloned bios in request-based device-mapper targets, leading to use-after-free and...

CVE-2026-43161

CVE-2026-43161 is a Linux kernel IOMMU VT-d vulnerability related to ATS invalidation when a PCIe endpoint loses connection. In scalable-mode-disabled/unsupported systems, an endpoint link drop can cause the IOMMU to wait indefinitely for an ATS invalidation, leading to a host hard-lock (notably ...

CVE-2026-43161

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...

CVE-2026-43130

The CVE-2026-43130 issue affects the Linux kernel iommu/vt-d path, where flushing the dev-IOTLB can occur during resource release in scalable PCIe mode. The root cause is a path that attempted ATS invalidation without adequately verifying whether the PCIe device is still accessible after a link-d...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: iwlwifi: pcie: fixed a possible NULL pointer derefrence issue It is possible that iwlpciprobe may fail and free the trans structure. After that, iwlpciRemove may be called, but it will crash when trying to access a trans...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed NULL dereferencing in the error path during SR-IOV VF creation. Fixed issues when virtfn setup fails, preventing NULL pointer dereferencing during device removal. The kernel error occurred due to incorrect error...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion in the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the record...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fixed the issue where the link state was exited during the removal of an upstream function. Before version 456d8aa37d0f “PCI/ASPM: Disabled ASPM during the removal of an MFD function to avoid use-after-free”, we only...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: pcie: Fixed an integer overflow in the iwlwritetouserbuf function. An integer overflow occurs in the iwlwritetouserbuf function, which is called by the iwldbgfsmonitordataread function. The function is as follows: ...

SUSE CVE-2026-31595

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...

CVE-2026-31595

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013786)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013786 advisory. In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work Fix port I/O string accessors such as insb',...

Linux Distros Unpatched Vulnerability : CVE-2026-23264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert drm/amd: Check if ASPM is enabled from PCIe subsystem This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied...

SUSE CVE-2026-23264

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 "drm/amd: Refactor amdgpuaspm to be...