Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can now be called from process context. tcpv6RtXsynack can now be called in process context, as explained in 0a375c822497 "tcp: tcpv6RtXsynack can be called from process context". tcpv6RtXsynack may call...

UBUNTU-CVE-2026-43331

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after loadsegments The loadsegments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIGKCOV is enabled, any subsequent instrumented C...

CVE-2026-43331

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after loadsegments The loadsegments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIGKCOV is enabled, any subsequent instrumented C...

PT-2026-38982

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the x86 architecture, the load segments function modifies segment registers, which invalidates the GS base used by KCOV for per-cpu data. When CONFIG KCOV is enabled, any subsequent...

CVE-2026-23332

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix crash during turbo disable When the system is booted with kernel command line argument "nosmt" or "maxcpus" to limit the number of CPUs, disabling turbo via: echo 1...

AZL-67166 CVE-2025-39749 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: rcu: Protect -deferqsiwpending from data race On kernels built with CONFIGIRQWORK=y, when rcureadunlock is invoked within an interrupts-disabled region of code 1, it will invoke rcureadunlockspecial, which uses an irq-work handle...

CVE-2025-39749

The CVE-2025-39749 issue is in the Linux kernel’s RCU read-side handling: when IRQ work is used (CONFIG_IRQ_WORK=y) and rcu_read_unlock() runs in an interrupts-disabled region, irq-work can interrupt rcu_read_unlock_special(), creating a data race on the per-CPU defer_qs_iw_pending field. The fix...

PT-2025-30807

Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 6.16.0-rc1 Description A flaw was discovered in the RISC-V architecture of the Linux kernel related to the handling of SBI Standardized Boot Interface and per-CPU data allocation when NUMA Non-Uniform Memory Acce...

DEBIAN-CVE-2023-53121

In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...

CVE-2025-21862 drop_monitor: fix incorrect initialization order

In the Linux kernel, the following vulnerability has been resolved: dropmonitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .ownercpu: 0 CPU: 1 PID: 7995 Comm...

UBUNTU-CVE-2024-56617

In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 "archtopology: Build cacheinfo from primary CPU" adds functionality that architectures can use to optionally allocate and build...

UBUNTU-CVE-2024-50036

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

DEBIAN-CVE-2024-42126

In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmienter/nmiexit in real mode interrupt. nmienter/nmiexit touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling e.g. early HMI/MCE interrupt handler if percpu...

kernel: scsi: lpfc: Fix call trace observed during I/O with CMF enabled

A vulnerability has been identified in the lpfc module within the Linux kernel. This flaw occurs because the driver attempts to access per-CPU data from a preemptible context using an incorrect function. This improper handling of critical data can lead to system instability and result in a...

kernel: scsi: lpfc: Fix call trace observed during I/O with CMF enabled

A vulnerability has been identified in the lpfc module within the Linux kernel. This flaw occurs because the driver attempts to access per-CPU data from a preemptible context using an incorrect function. This improper handling of critical data can lead to system instability and result in a...