CVE-2026-46262

A flaw was found in the Linux kernel's audio subsystem, specifically in the fslxcvr module. This vulnerability allows a local user to trigger a deadlock condition within the system. By attempting to acquire a read lock while already holding a write lock in the same process, the system can become...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of deadlock occurring when the shadow stack signals hold a mmap read lock during signal...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed the issue where xasretry was missing in the fscache mode. The xarray iteration only holds the RCU read lock; therefore, an XARETRYENTRY might be encountered if a process modifies the xarray concurrently. This would...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: A suspicious RCU usage warning was fixed in iptunnelinitflow. There are code paths where the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. This issue was fixe...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipv6: A possible Use-after-Allocation UAF condition in ip6xmit has been prevented. If skbexpandhead returns NULL, the skb buffer is freed, and the associated dst/idev fields may also be freed. We must use rcureadlock to prevent...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: zsmalloc: Fixed races between asynchronous zspage free operations and page migration. The asynchronous zspage free worker attempts to lock the entire page list of a zspage, without protecting against page migration. Since page...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mctp: Route lookups are performed under a RCU read-side lock. Our current route lookups mctproutelookup and mctproutelookupnull traverse the network’s route list without holding the RCU read lock. This means that the route lookup...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: State: Initialize stateptrs earlier in xfrmstatefind In cases of preemption, xfrmstatelookat will find a different pcpuid and look up states for that other CPU. If a state is matched for CPU2 in the statecache while the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow A UAF Use-After-Free can occur when reading /proc/cpuset, as reported in 1. This issue can be reproduced using the following methods: 1. Add an mdelay1000 before acquiring the cgrouplo...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bus: MHI: Host – Drop the channel lock before queuing buffers. Ensure that read and write locks for the channel are not acquired consecutively by dropping the read lock from parsexferevent. This allows a callback provided to the...

kernel: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld in bpfmaplookuppercpuelem bpfmaplookuppercpuelem helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpfmaplookuppercpuelem will not be inlined. Using...

SUSE CVE-2026-43109

In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstkpopsigframe doesn't check for errors from mmapreadlockkillable, which is a silly oversight, and also shows that we haven't marked those functions with...

CVE-2026-43358

In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in tryreleasesubpageextentbuffer Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer because there is a rcureadunlock call past the loop. This has been detected by...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from ksmbd releasing the oplockinfo immediately during critical sections like opinfoget and...

CVE-2026-43109

A flaw was found in the Linux kernel's x86 shadow stacks implementation. An oversight in the shstkpopsigframe function's error handling for mmapreadlockkillable could lead to unexpected behavior. This vulnerability involves improper error checking during memory management operations...

EUVD-2026-27629

In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstkpopsigframe doesn't check for errors from mmapreadlockkillable, which is a silly oversight, and also shows that we haven't marked those functions with...

CVE-2026-43109

In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstkpopsigframe doesn't check for errors from mmapreadlockkillable, which is a silly oversight, and also shows that we haven't marked those functions with...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the shstkpopsigframe function not checking the return value of mmapreadlockkillable and not marki...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the issue where the timer for a call could start simultaneously with the destruction of the call itself. The rxrpccall structure includes a timer used to handle various timed events related to calls. This timer can b...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ila: blocking BH in ilaoutput As explained in commit 1378817486d6 “tipc: blocking BH before using dstcache”, the net/core/dstcache.c helpers need to be called with BH disabled. ilaoutput is called from lwtunneloutput, possibly fr...