EUVD-2026-38927

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

CVE-2026-52908

A flaw was found in the Linux kernel. This vulnerability occurs during the re-registration of a Remote Direct Memory Access RDMA memory region. If the memory's access permissions are changed from read-only to read-write, the system may fail to properly update and secure the underlying user memory...

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER. According to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidenc...

Linux Distros Unpatched Vulnerability : CVE-2026-52908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA: During reregmr ensure that REREGACCESS is compatible If IBMRREREGACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properl...

EUVD-2026-38037

In the Linux kernel, the following vulnerability has been resolved: RDMA: During reregmr ensure that REREGACCESS is compatible If IBMRREREGACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properly pinned as RW. Since the umem is hidden inside each driver's mr stru...

CVE-2026-52908

The CVE-2026-52908 entry concerns the Linux kernel RDMA path and a compatibility issue during rereg_mr. The root cause is that if IB_MR_REREG_ACCESS changes from RO to RW, the umem must be re-evaluated to ensure proper RW pinning. The fix adds a per-driver hook ib_umem_check_rereg() (to be called...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: devlink: The region-snapshotlock was not held during snapshot flushing. Netdevsim triggers a segmentation fault when reloading, especially when destroying regions with snapshots pending: WARNING: CPU: 1 PID: 787 at...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: A memory leak has been fixed when canceling the rehash operation. The rehash operation is rescheduled with a delay if the number of credits at the end of the operation is not negative—this indicates that t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed the error handling logic in idxdcdevregister. If the call to allocchrdevregion fails, the already allocated resources are being leaked. Added the necessary error handling logic to address this issue...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Do not attempt cleanup after a failure in cxlRegionAttach. The commit 5e42bcbc3fef “cxl/region: decrement -nrtargets on error in cxlRegionAttach” attempted to avoid initialization errors when -nrtargets exceeds 16 by...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Viawdt: fixed a critical boot hang caused by unnamed resource allocation. The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fixed a crash that occurred with stop filters in single-range mode. A check for !buf-single was added before calling ptbufferregionsize in places where a missing check could cause a kernel crash. This fix...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup/dmem: Fixed a NULL pointer derefrence issue when setting the max value. The following issue was triggered: BUG: NULL pointer derefrence in the kernel; Address: 0000000000000000 PF: Supervisor read access in kernel mode...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: EFI: In runtime mode, a potential overflow of the size of the soft-reserved region has been fixed. If there are pages worth ≥ 4GB in a soft-reserved region, the value of mdsize will be reduced...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mshv: Fixed the check for overlap in memory regions. The current check was incorrect; it only checks whether the beginning or end of a region is within an existing region. This does not take into account cases where the user spac...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fixed the cxlregion leak, and cleaned up targets when a region is deleted. When a region is deleted, any targets that were previously assigned to that region still hold references to it. To trigger the release of thos...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fixed incorrect variable used when calling devmrequestmemregion The rcarpcieparseoutboundranges function uses the devmrequestmemregion macro to request a required resource. A string variable located on the stack is...

PT-2026-50926

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA Remote Direct Memory Access component during the rereg mr process. When IB MR REREG ACCESS changes from read-only RO to read-write RW, the umem user memory mu...

SUSE CVE-2026-46325

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

SUSE CVE-2026-52905

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two minregionsz on damonstart Commit d8f867fa0825 "mm/damon: add damonctx-minszregion" introduced a bug that allows unaligned DAMON region address ranges. Commit c80f46ac228b "mm/damon/core:...