Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fixed Use-after-Free, failed to increment the ref count of the skb while it was in use. This patch addresses a Use-after-Free issue identified by the syzbot. The problem arises when a skb is taken from the per-session...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Fixed a use-after-free in tbdpdprxwork. The original code relied on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item tunnel-dprxwork has fully completed if it was already running...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: fix UAF in tegraslinkremove After calling spiunregistermaster, the refcount of the master will decrease to 0, and it will be freed in spicontrollerrelease. The device data will also be freed, which can lead to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fixed potential use after free in efcnportvportdel The krefput function will call nport-release if the reference count drops to zero. The nport-release function is efcnportfree, which frees the “nport” object...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

kernel: can: j1939: j1939_session_new(): fix skb reference counting

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...

RHEL 10 : kernel (RHSA-2026:25908)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25908 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...

kernel: smc: Fix use-after-free in tcp_write_timer_handler()

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcpwritetimerhandler. With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcpwritetimerhandler by kernel TCP sockets. 0 If SMC creates a kernel socket in smccreate, the kernel...

EUVD-2026-35405

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

SUSE CVE-2026-46288

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

UBUNTU-CVE-2026-46288

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

EUVD-2026-35153

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the page reference counting assertion condition in p2pmemallocmmap, potentially leadi...

PT-2026-46027

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the DRM/XE sysfs initialization where a failure in devm add action or reset causes a cleanup action to run immediately on a kobject that has not yet been initialized...

SUSE CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

CVE-2026-46170

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. When an ADDADDR message is retransmitted, an issue in socket sk reference counting can prevent the socket from being properly freed. This improper resource management may lead to a Denial of Service DoS condition, where th...

EUVD-2026-32870

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

UBUNTU-CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

CVE-2026-46111 Bluetooth: hci_conn: fix potential UAF in create_big_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...