535 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Stale CPU state is discarded when handling SVE traps. The logic for handling SVE traps incorrectly manipulates the saved FPSIMD/SVE state. A race condition can occur where preemption causes a task to have TIFSVE set an...
Astra Linux – Vulnerability in golang-golang-x-net
In net/http in Go, before versions 1.18.6 and 1.19.x, and before version 1.19.1, attackers can cause a denial of service because an HTTP/2 connection may become unresponsive during closure, if the shutdown process is interrupted by a fatal error...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: A sleeping function is called from an invalid context at kernel/locking/spinlockrt.c:46 inatomic: 1...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mctp: Route lookups now perform under a RCU read-side lock. Our current route lookups mctproutelookup and mctproutelookupnull traverse the network’s route list without holding the RCU read lock. This means that the route lookups...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sched/ext: Prevent calls to updatelockedrq with a NULL rq. Avoid invoking updatelockedrq when the runqueue .rq pointer is NULL in the SCXCALLOP and SCXCALLOPRET macros. Previously, calling updatelockedrqNULL with preemption enabl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid using GFPKERNEL in an atomic context. Using GFPKERNEL in a preemption-disabled context may cause the following warning when CONFIGDEBUGATOMICSLEEP is enabled. 32.542271 BUG: A sleeping function was called from...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a sleeping function called from an invalid context in the RT kernel. When setting bootparams="traceevent=initcall:initcallstart tpprintk=1" in the cmdline, the outputprintk function was called, and spinlockirqsave...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Netfilter: Use getrandomu32 instead of prandom. This issue may occur when updating the per-cpu rndstate from a user context, i.e., the localout path. BUG: Using smpprocessorid in preemptible 00000000 code: nginx/2725. Caller is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppacasharedproc to avoid DEBUGPREEMPT. lppacasharedproc takes a pointer to the lppaca, which is typically accessed through getlppaca. With DEBUGPREEMPT enabled, this leads to checking whether preemption i...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fcrecvframe mp-safe Running tests with a debug kernel shows that bnx2fcrecvframe modifies the percpu lport stats counters in a non-mpsafe manner. Simply boot a debug kernel and run the bnx2fc driver with th...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: Kyber: An out-of-bounds access occurred when the thread was preempted. The function blkmqschedbiomerge retrieves the ctx and hctx for the current CPU and passes the hctx to -biomerge. The function kyberbiomerge then retrieves the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Perform atomic i2c transfers when !preemptible is set. Since bae1d3a05a8b, i2c transfers are not atomic if preemption is disabled. However, non-atomic i2c transfers require preemption e.g., during waitforcompletion, wh...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: schedext: Preemption between scxclaimexit and the subsequent execution of the helper work is disabled. scxclaimexit atomically sets the exitkind value, preventing scxerror from triggering further error handling. After claiming...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: The ntbnetdevrxhandler function should now be modified to call netifrx instead of calling ntbnetdevrxhandler. The following message is emitted when using the idxd DSA dmaengine as the data transfer mechanism for...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dropmonitor: Replace spinlock with rawspinlock. The function tracedropcommon is called with preemption disabled, and it acquires a spinlock. This is problematic for RT kernels because spinlocks are sleeping locks in this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - riscv: ftrace: Fixed a panic caused by preemption being disabled. In RISCV, we need to use an AUIPC + JALR pair to encode an immediate jump, creating a jump to an address beyond 4K. This may cause errors if we want to enable...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021638)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021638 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block...
K000153097: Linux kernel vulnerability CVE-2024-50275
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state incorrectly, and a race with preemption can result in a task having TIFS...
Linux Distros Unpatched Vulnerability : CVE-2026-43482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Disable preemption between scxclaimexit and kicking helper work scxclaimexit atomically sets exitkind, which prevents scxerror from triggering further...
EUVD-2026-30018
In the Linux kernel, the following vulnerability has been resolved: schedext: Disable preemption between scxclaimexit and kicking helper work scxclaimexit atomically sets exitkind, which prevents scxerror from triggering further error handling. After claiming exit, the caller must kick the helper...