Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevents corruption of pcp with SMP=n. The kernel test robot has reported the following issue: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 Lock: 0xffff888807e35ef0, .magic: dead4ead, .owner:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Ensure visibility when inserting an element into tracingmap. Running the following two commands in parallel on a multi-processor AArch64 machine may occasionally generate an unexpected warning regarding duplicate...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fixed an issue where a non-existent percpu rtpcp variable was accessed in rcutasksneedgpcb. For kernels built with CONFIGFORCENRCPUS=y, nrcpuids is defined as NRCPUS instead of the number of possible CPUs. This can cau...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: Fixed an out-of-bounds access issue in mchpipcgetclusteraggrirq. The clustercfg array is dynamically allocated to hold per-CPU configuration structures. Its size is determined by the number of online CPUs...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fixed NULL pointer dereferencing when nosmp is used When nosmp is used in the command line, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0’s iteration via foreachpossiblecpu dereferences these NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: Avoid clearing hardware interrupts if hwintr is null during drm uninit. If the edp modeset init fails due to the panel not being ready, and the probe is deferred during drm bind, avoid clearing IRQs and...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out-of-bounds access when parsing CPC data If the NumEntries field in the CPC return packet is less than 2, do not attempt to access the “Revision” element of that packet, because it may not be present at that...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: The segfault caused by PEBS-via-PT with a sample frequency has been fixed. Currently, using PEBS-via-PT with a sample frequency instead of a sample period causes a segfault. For example: BUG: Kernel NULL pointer...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fixed unbalanced regulator disabling in UTMI PHY mode When transitioning from USBROLEDEVICE to USBROLENONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-o...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smpprocessorid with rawsmpprocessorid in mesonddrpmucreate The Amlogic DDR PMU driver’s mesonddrpmucreate function incorrectly uses smpprocessorid, which assumes disabled preemption. This leads to kernel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fixed the race condition involving the resume-probe function. The race condition was identified in kernel version 7.0, with the commit code 38fa29b01a6a „i2c: designware: Combine the init functions“...

Astra Linux - уязвимость в mariadb-10.3

It was discovered that MariaDB versions 10.2 to 10.7 contain a segmentation fault due to the component Itemfuncin::cleanup/Item::cleanupprocessor...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/amd/uncore: Fixed a memory leak related to the events array. When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed, but the events array within the context structure is not freed. This causes a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crashes. When CPU 0 is offline and intelpowerclamp is used to simulate idle state, it causes a kernel bug: Bug: Using smpprocessorid in preemptible 000000...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ACPI: Processor – Fixed the previous issue in acpiprocessorerratapiix4 After the patch provided by commi f132e089fe89 “ACPI: Processor – Fixed NULL-pointer dereference in acpiprocessorerratapiix4”, device pointers may be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ACPI: Processor – Updated the check for the cpuidle driver in acpiprocessorstart. Commit 7a8c994cbb2d “ACPI: Processor: Idle: Optimize ACPI idle driver registration” moved the ACPI idle driver registration to...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021546)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021546 advisory. In the Linux kernel, the following vulnerability has been resolved: thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crash When CPU 0 is offli...

UBUNTU-CVE-2026-32739

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...

GHSA-M6XR-FVFG-5G64 Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal

Summary dasel's selector lexer enters a non-terminating loop when tokenizing an unterminated regex pattern such as r/abc. A 2-byte input r/ is sufficient to cause the tokenizer to consume 100% CPU on one core indefinitely. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8 a...

CVE-2026-7307

Keycloak contains a denial-of-service issue (CVE-2026-7307) where a remote, unauthenticated attacker can send a specially crafted XML input to the SAML endpoint. The crafted input triggers high CPU usage and worker-thread starvation, rendering the server unavailable. The description does not prov...