CVE-2026-46075 crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY The latest kernel will fail when dealing with the PHY interrupt configuration, as it now relies on allocated private resources. Therefore, run a probe to allocate these...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031probe When reworking and splitting the at803x driver, a NULL dereference bug was identified in the function that splits at803x PHYs. In this bug, the variable priv is referenced...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: wifi: mwifiex: Do not return unused priv pointers in mwifiexgetprivbyid. mwifiexgetprivbyid returns the priv pointer corresponding to bssnum and bsstype, but without checking whether the priv is actually in use. Unused priv...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: a potential memory leak has been fixed in mlx5einitreprx. The memory pointed to by the priv-rxres pointer is not freed during the error-prone execution of mlx5einitreprx, which can lead to a memory leak. This issue has...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Driver core: Bus – Fixed a double-free in the driver API function busregister. For busregister, any error that occurs after ksetregister will cause the @priv variable to be freed twice. This issue was fixed by setting @priv to NU...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attachment fails. Passing netdev to mlx5edestroynetdev ensures that it will work with a valid netde...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey – fixed memory corruption upon unloading. It should be labeled as “priv”, but we accidentally passed “&priv”, which is an address in the stack. This can lead to memory corruption when the imxsckeyaction function i...

SUSE CVE-2026-43050

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Perf trace: Actually freeing the evsel-priv area In 3cb4d5e00e037c70 “Perf trace: Freeing syscall tp fields in evsel-priv”, the freeing of the area was only performed if strcmpevsel-tpformat-system, “syscalls” returned zero...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: Set priv-pdev before using it. The priv-pdev pointer was set after being used in fslasoccardaudmuxinit. This assignment should be moved to the beginning of the probe function, so that sub-functions can...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: efi: libstub – Only privRuntimeMap is freed when it is allocated. privRuntimeMap is only allocated when efinovamap is not set. Otherwise, it remains uninitialized. In the error path, privRuntimeMap is freed unconditionally. Avoid...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating the priv-multicastlist in ipoibmcastjointask opens a window for ipoibmcastdevflush to remove the items while in the middle of iteration. If the mcast is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean the remainder of t...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlanremoveone. priv is netdev’s private data, and it cannot be used after the freenetdev call. Using priv after freenetdev can cause a UAF bug. This issue is fixed by moving the freenetdev call to the end of t...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9k: Fixed a use-after-free in ath9khifusbrxcb. Syzbot reported a use-after-free during the Read operation in ath9khifusbrxcb. The problem stemmed from incorrect initialization of htchandle-drvpriv. A possible call trace tha...

CVE-2026-43050 atm: lec: fix use-after-free in sock_def_readable()

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

CVE-2026-43050

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lecatmclose function in the atm lec driver not synchronizing the clearing of the priv-lecd pointer,...

SUSE CVE-2026-31507

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...