CVE-2026-46259

A flaw was found in the Linux kernel's procfs component. When reading /proc/pid/stat, the dotaskstat function accesses task-realparent without proper Read-Copy-Update RCU protection. This missing protection creates a race condition, which can lead to a Use-After-Free UAF vulnerability. A local...

CVE-2026-46259

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

CVE-2026-46259

CVE-2026-46259 describes a Linux kernel procfs flaw in do_task_stat() where reading /proc/[pid]/stat accessed task->real_parent without correct RCU protection, allowing a potential use-after-free during tgid/parent resolution. The root cause is reading real_parent without an active rcu_read_lo...

CVE-2026-46259 procfs: fix missing RCU protection when reading real_parent in do_task_stat()

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

CVE-2026-46259

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The issue involves bcm: – a UAF Use-After-Free flaw in bcmprocshow. Bug: KASAN: A slabuse-after-free issue occurs in bcmprocshow+0x969/0xa80. A size 8 byte read was performed at address ffff888155846230 by the task cat/7862. CPU:...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: atm: The atmdevmutex is released after removing procfs in atmdevderegister. syzbot reported a warning during atmdevregister. 0 Before creating a new device and procfs/sysfs for it, atmdevregister looks up a duplicate device...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Can: bcm: added missing rcu read protection for procfs content. When the procfs content is generated for a bcmop that is about to be removed, the procfs output might display unreliable data UAF. Since the removal of bcmops is...

SUSE CVE-2026-43178

In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput in doprocmapquery When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocke...

CVE-2026-43178

A flaw was found in the Linux kernel's procfs component. A local user, by providing a malformed input buffer during a specific memory mapping query PROCMAPQUERY, can trigger an error in how the kernel manages process memory. This can lead to a double release of memory resources, potentially causi...

EUVD-2026-27738

In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput in doprocmapquery When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocke...

CVE-2026-43178

In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput in doprocmapquery When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocke...

CVE-2026-43178 procfs: fix possible double mmput() in do_procmap_query()

In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput in doprocmapquery When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocke...

CVE-2026-43178

In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput in doprocmapquery When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocke...

RHCOS 4 : OpenShift Container Platform 4.14.59 (RHSA-2025:21328)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21328 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 - runc: container escape via...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: procfs: Avoid fetching the build ID while holding the VMA lock. Fix the PROCMAPQUERY to fetch the optional build ID only after releasing the mmaplock or the per-VMA lock, whichever was used to lock the VMA, to prevent deadlock...

Astra Linux - уязвимость в runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2, and 1.4.0-rc.2, an attacker can trick runc into redirecting write operations to /proc to other procfs files by using a racing container with shared mounts. We have also verified th...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fixed a UAF in procreaddirde. The pde is erased from the subdir rbtree through rberase, but the node is not set to EMPTY, which may lead to UAF access. We should use RBCLEARNODE to set the erased node to EMPTY. Then,...

RHCOS 4 : OpenShift Container Platform 4.12.84 (RHSA-2026:0315)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0315 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...

RHCOS 4 : OpenShift Container Platform 4.15.61 (RHSA-2026:1540)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:1540 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...