CVE-2026-53083

A flaw was found in the Linux kernel. A missing condresched in the bpffdarraymapclear loop, specifically when handling BPF Berkeley Packet Filter PROGARRAY maps with numerous entries, can lead to an RCU Read-Copy Update stall. This can result in a Denial of Service DoS under heavy system load, as...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSv4: Fixed an error in pnfsmarkrequestcommit, when performing ODIRECT operations. Fixed an error-prone condition in pnfsmarkrequestcommit, when adding a set of write operations to the commit list in order to reschedule them...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: The deadlock caused by SCXKICKWAIT was fixed by deferring the wait until the target CPU’s kickSYNC progresses. The busy-waiting mechanism in kickcpusirqworkfn uses smpCondLoadAcquire until the target CPU’s kickSYNC...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: memcg: Fixed a soft lockup issue in the OOM process. A soft lockup issue was found in the product where approximately 56,000 processes were in the OOM cgroup. This issue occurred when traversing these processes during a soft...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handling of actinetdevs allocation failures The kmallocarray function in nfpfllagdowork will return null if physical memory runs out. As a result, if we dereference actinetdevs, null pointer dereferencing bugs may...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fixed the lockup issue in dmexceptiontableexit. A lockup was reported when exiting a snapshot with many exceptions. This issue has been fixed by adding “condresched” to the loop that frees the exceptions...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dm crypt: added condresched to dmcryptwrite The loop in dmcryptwrite may run for an unlimited amount of time; therefore, condresched is needed. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup –...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: md/raid10: Prevent soft lockup during flush writes. Currently, there is no limit for plugged bio in raid1/raid10. During flush writes, raid1 uses condresched, while raid10 does not. Too many writes can cause a soft lockup. A...

CVE-2026-43482

A flaw was found in the Linux kernel's schedext component. If a task is preempted between the scxclaimexit function and the subsequent helper work activation, and the BPF Berkeley Packet Filter scheduler fails to reschedule it, the system can become unresponsive. This can lead to a denial of...

EUVD-2026-28610

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...

EUVD-2026-28562

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...

CVE-2026-43292

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...

CVE-2026-43326

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...

CVE-2026-43326

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...

CVE-2026-43292

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...

CVE-2026-43292

The CVE-2026-43292 issue affects the Linux kernel mm/vmalloc path when CONFIG_PAGE_OWNER is enabled. During vmalloc cleanup, freeing KASAN shadow pages can trigger stack unwinding under an RCU read lock, and processing a large purge_list (kasan_release_vmalloc_node) may cause long RCU stalls (10+...

WordPress plugin Blog2Social: Social Media Auto Post & Scheduler 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility that cancellation of the working state update may re-schedule it, potentially...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37859)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37859 advisory. - In the Linux kernel, the following vulnerability has been resolved: pagepool: avoid infinite loop to schedul...

CLSA-2026-1768110920 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...