CVE-2026-52925

The CVE-2026-52925 entry relates to the Linux kernel VRF handling. The vulnerability arose from a race where an RCU reader identifying a net device as a VRF port could dereference l3mdev operations of a master device (e.g., a bridge) after netdev_master_upper_dev_get_rcu() returned it as a VRF de...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed a use-after-free issue related to dynamic ftraceops. KASAN reported a use-after-free when using ftrace. It was discovered that perf registered two ftrace operations with the same content, both being dynamic. Afte...

CVE-2026-45895

CVE-2026-45895 affects the Linux kernel quota subsystem: quotactl_block() can livelock with freeze_super() when a filesystem is frozen on non-preemptible kernels, causing freezer hang and 100% CPU. Root cause: a retry loop in quotactl_block() spinning without scheduling points prevents RCU quiesc...

CVE-2026-31541 tracing: Fix trace_marker copy link list updates

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix tracemarker copy link list updates When the "copytracemarker" option is enabled for an instance, anything written into /sys/kernel/tracing/tracemarker is also copied into that instances buffer. When the option is set...

PT-2026-34893

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix trace marker copy link list updates When the "copy trace marker" option is enabled for an instance, anything written into /sys/kernel/tracing/trace marker is also copied into that instances buffer. When the option is...

Azure Linux 3.0 Security Update: kernel (CVE-2024-39486)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39486 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/drmfile: Fix pid refcounting race ,...

CVE-2022-50374

CVE-2022-50374 affects the Linux kernel Bluetooth stack (hci_ldisc/hci_serdev). The issue is a missing handling of percpu_init_rwsem() failure, leading to a NULL pointer dereference in hci_uart_tty_close() because rcu_sync_enter() can be called without rcu_sync_init() after hci_uart_tty_open() ig...

Linux Distros Unpatched Vulnerability : CVE-2025-21938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcppmnlappendnewlocaladdr If multiple connection...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the “scheduling while atomic” issue in mptcppmnl.AppendNewLocalAddr. If multiple connection requests attempt to create an implicit mptcp endpoint simultaneously, more than one caller may end up using...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed a possible use-after-free issue in ftracelocation. KASAN reports a bug: BUG: KASAN: use-after-free in ftracelocation+0x90/0x120 Reading an 8-byte value at address ffff888141d40010 by task insmod/424 CPU: 8 PID: 4...

CVE-2024-44959 tracefs: Use generic inode RCU for synchronizing freeing

In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...

CVE-2024-44959

The CVE-2024-44959 entry concerns the Linux kernel tracefs component. It describes a root cause in the in-kernel memory reclaim path where structure layout randomization of struct inode can cause overlapping or misused RCU fields during freeing, potentially triggering list corruption (list_del) a...

UBUNTU-CVE-2024-39486

In the Linux kernel, the following vulnerability has been resolved: drm/drmfile: Fix pid refcounting race , Maxime Ripard , Thomas Zimmermann filp-pid is supposed to be a refcounted pointer; however, before this patch, drmfileupdatepid only increments the refcount of a struct pid after storing a...

SUSE CVE-2021-47394

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unlink table before deleting it syzbot reports following UAF: BUG: KASAN: use-after-free in memcmp+0x18f/0x1c0 lib/string.c:955 nlastrcmp+0xf2/0x130 lib/nlattr.c:836 nfttablelookup.part.0+0x1a2/0x460...

UBUNTU-CVE-2024-26910

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronizercu add...