Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the issue of null-ptr-deref in raid10syncrequest has been fixed. In initresync, the mempool is initialized, and conf-havereplacemnt is set to 0 at the beginning of the sync process. closesync frees the mempool when...

PT-2026-43917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the md/raid10 module during an array check operation when NOWAIT requests are processed. When a check is running, the system raises a barrier that blocks normal...

CLSA-2026-1778616298 redis: Fix of 2 CVEs

CVE-2026-23631: use-after-free in readSyncBulkPayload when a full resync happens while a timed-out script is still running on the replica - CVE-2026-25243: heap corruption and out-of-bounds reads in the RESTORE command deserialization path rdb.c, sds.c, zipmap.c...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mlx5: Fixed a leak in skb during fifo resync and push operations. During the ptp resync operation, SKBs were popped from the fifo, but they were never freed either by napiconsume or by devkfreeskbany. Added a call to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mlx5: fixed the potential use-of-free condition when using the PTP queue’s FIFO mechanism. FIFO indexes are not checked during pop operations, which can lead to a use-of-free issue when popping items from an empty queue. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS; fixed a crash that occurred during the RX resync process. For the TLS RX resync process, we maintain a list of TLS contexts that require some attention. We communicate their resync information to the hardware...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013851)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013851 advisory. In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in statusresync statusresync will calculate 'currresync - recoveryactive' to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013155 advisory. In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in statusresync statusresync will calculate 'currresync - recoveryactive' to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010921)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010921 advisory. In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in statusresync statusresync will calculate 'currresync - recoveryactive' to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013242)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013242 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets...

EUVD-2026-15331

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

CVE-2026-23356 drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

Linux Distros Unpatched Vulnerability : CVE-2026-23356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drbd: fix LOGIC BUG in drbdalbeginiononblock Even though we check that we should be able to do lcgetcumulative while holding the device-allock spinlock, it may...

Linux Distros Unpatched Vulnerability : CVE-2023-54238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by...

EUVD-2023-60403

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

CVE-2023-54238

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

UBUNTU-CVE-2023-54238

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

CVE-2023-54238

CVE-2023-54238 affects the Linux kernel in the mlx5 area. Two issues are described: (1) a SKB leak during ptp resync where SKBs were popped from the fifo but not freed (addressed by adding napi_consume_skb to properly free SKBs); and (2) an overrun in mlx5e_skb_fifo_has_room() where a counter com...

CVE-2023-54238 mlx5: fix skb leak while fifo resync and push

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...