1031 matches found
PT-2026-43863
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the SPI subsystem of the Linux kernel. The subsystem frees the controller and any allocated driver data during deregistration, unless the allocation is...
PT-2026-43818
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the BPF subsystem involving BTF objects. The problem stems from incorrect refcounting within the check pseudo btf id function, which can lead to the chec...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from incorrect reference counting of BTF objects in the checkpseudobtfid function. This vulnerability...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect inference of the zero-copy status during the cleanup phase before messages are...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Fixed a use-after-free in tbdpdprxwork. The original code relied on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item tunnel-dprxwork has fully completed if it was already running...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cachefiles: corrected the incorrect dentry reference count in cachefilescull. The patch mentioned below changed cachefilesburyobject to expect two references to the ‘rep’ dentry. Three of the caller functions were changed to use...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1, Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: TLS: Fixed a race condition between the async notify and socket close operations. The thread that submitted the request the one that called recvmsg/sendmsg may exit as soon as the async crypto handler’s complete function is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: Fixed a UAF Use-after-Allocation issue in tegraslinkremove. After calling spiunregistermaster, the refcount of the master will be decreased to 0, and it will be freed in spicontrollerrelease. The device data...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed a kernel panic caused by a race condition involving smcsock. A crash occurs when smccdctxhandler attempts to access smcsock, but smcrelease has already freed it. 4570.695099 BUG: Unable to handle a page fault for...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: All requests are flushed after setting CACHEFILESDEAD. In ondemand mode, when the daemon is processing an open request, if the kernel marks the cache as CACHEFILESDEAD, the cachefilesdaemonwrite function will always...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Makes bpfrefcountacquire failable for non-owning references This patch fixes an incorrect assumption made in the original bpfrefcount series 0. Specifically, it assumes that the BPF program calling bpfrefcountacquire on a...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fixed potential use after free in efcnportvportdel The krefput function will call nport-release if the reference count drops to zero. The nport-release function is efcnportfree, which frees the “nport” object...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fixed Use-after-Free, failed to increment the ref count of the skb while it was in use. This patch addresses a Use-after-Free issue identified by the syzbot. The problem arises when a skb is taken from the per-session...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the remap of the arena. The BPF arena logic did not account for the mremap operation. Added a reference count for multiple mmap events to prevent use-after-free in arenavmclose...
GHSA-C38F-WX89-P2XG UltraJSON has a Memory Leak in ujson.dump() on Write Failure
Summary When ujson.dump writes to a file-like object and the write operation raises an exception, the serialized JSON string object is not decremented, leaking memory. Each failed write operation leaks the full size of the serialized payload. Code that uses ujson.dumps rather than ujson.dump or...
CVE-2026-43465
A flaw was found in the Linux kernel's mlx5e driver. This vulnerability arises from incorrect fragment counting when XDP eXpress Data Path multi-buffer programs modify the XDP buffer layout. This issue could allow a local attacker or a specially crafted network packet to trigger a negative...
EUVD-2026-28771
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...
EUVD-2026-28720
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
CVE-2026-43464
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag correct...
CVE-2026-43464 net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag correct...