Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tls: fixed handling of zero-length records in the rxlist. Each recvmsg call must process either: - only contiguous DATA records any number of them - one non-DATA record If the next record has a different type than those that...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate lockless accesses to nlk-maxrecvmsglen. syzbot reported a data race in netlinkrecvmsg 1. Indeed, netlinkrecvmsg can be executed concurrently, and netlinkdump also requires protection. 1 Bug: KCSAN: Data race ...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed an infinite loop issue when len is 0 in the tcpbpfrecvmsg parser. When the buffer length of the recvmsg system call is 0, a soft lockup problem occurred. watchdog: BUG: Soft lockup – CPU3 stuck for 27...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: rds: Fixed a memory leak in rdsrecvmsg. Syzbot reported a memory leak in rds. The problem occurred when the reference count was not decremented in case of an error. The code is as follows: c int rdsrecvmsgstruct socket...

CVE-2026-31774

The CVE-2026-31774 issue affects the Linux kernel io_uring/net path. A 32-bit length value (sqe->len) is stored into sr->len (int), allowing values above INT_MAX (e.g., 0xFFFFFFFF) to overflow and propagate through the bundle recv/send path. This can cause a slab-out-of-bounds read in io_bu...

CVE-2026-31677

A flaw was found in the Linux kernel's afalg Algorithm Interface component. This vulnerability allows a local attacker to cause a denial of service DoS by sending specially crafted requests. The afalggetrsgl function fails to properly limit the extraction of receive scatterlist RX SG data based o...

EUVD-2026-25644

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget. afalggetrsgl currently uses afalgreadable only as a gate before...

CVE-2026-31677

The CVE-2026-31677 issue affects the Linux kernel af_alg path. The root cause is that af_alg_get_rsgl() could extract RX scatterlist data beyond the remaining receive budget, allowing a local attacker to trigger a DoS via recvmsg when there isn’t enough RX space for a chunk. The fix tightens budg...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013835)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013835 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013000)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013000 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk-maxrecvmsglen syzbot reported a data-race in data-race...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007348 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: afbluetooth: Fix deadlock Attemting to do socklock on .recvmsg may cause a deadlock as...

PT-2026-29721

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of asynchronous decryption within the TLS Transport Layer Security protocol. Specifically, the async hold queue, used to manage...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005660)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005660 advisory. In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtrrecvmsg Syzbot reported a bug as following: refcountt:...

AZL-77250 CVE-2026-23066 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

UBUNTU-CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

CVE-2026-23066

CVE-2026-23066 concerns the Linux kernel RXRPC receive path. The issue arises in rxrpc_recvmsg() where, if MSG_DONTWAIT is requested and the front of the recvmsg queue has its mutex held, the call is unconditionally requeued, potentially corrupting the recvmsg queue and causing Use-After-Frees or...

CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

EUVD-2026-5478

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...