Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever the SFQ perturb timer fires at the wrong time. The race occurs as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeFlushBacklog 3: unlock...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: Protect flwalk with rcu. The patch that refactored flwalk to use idrforeachentrycontinueul also removed the rcu protection for individual filters. This caused a use-after-free when the filter was deleted...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed scheduling issues during atomic decompression operations 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: uio: uiodmemgenirq: Fixed an issue where the unlock operation was missed in irq configuration. The commit b74351287d4b “uio: fixed a bug in uiodmemgenirqirqcontrol”. corrected the code so that disableirq was called without...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the vport QoS cleanup process when an error occurs. When enabling vport QoS fails, the scheduling node never gets freed, resulting in a leak. The missing fields were added, and the vport scheduling node pointer wa...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netsched: hfsc: Fixed a potential UAF in hfscdequeue. Similarly to the previous patch, we also need to properly protect hfscdequeue. However, for this issue, we do not have a reliable way to reproduce the problem...

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: The gsoskb list is also flushed during the -change operation. Previously, when reducing the limit of a qdisc using the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: fixed the lockdep issue in qdisctreereducebacklog The qdisctreereducebacklog function is called with the qdisc lock held, not RTNL. We must use qdisclookuprcu instead of qdisclookup. syzbot reported: WARNING:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed ‘scheduling while atomic’ in aux critical error interrupts There’s a kernel bug related to processing aux critical error interrupts in icemiscintr: 2100.917085 BUG: Scheduling while atomic: swapper/15/0/0x00010000… …...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ice: Do not double-unplug the aux device during a peer-initiated reset. In the IDC callback that is called when aux drivers request a reset, the function to unplug the aux devices is executed. This function is also called in the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed an access race in the gpu recovery process. A potential UAF Uninitialized Address Fault during GPU recovery was avoided due to a race between the sched timeout callback and the tdr work queue. The gpu recovery...

Siemens RUGGEDCOM RST2428P Race Condition (CVE-2025-40258)

"In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcpschedulework syzbot reported use-after-free in mptcpschedulework 1 Issue here is that mptcpschedulework schedules a work, then gets a refcount on sk-skrefcnt if the work was scheduled. This...

SUSE CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

USN-8434-1 nova vulnerability

It was discovered that Nova did not strip internal nova-prefixed scheduler hints supplied by users on instance creation. An attacker could possibly use this issue to bypass Placement resource claims and scheduling constraint enforcement...

CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

CVEAlertor

CVEAlertor Get an instant Telegram alert the moment a new C...

CVE-2026-46319

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: Only release RCU read lock after ctft When looking up a flow table in actct in tcfctflowtableget, rhashtablelookupfast internally opens and closes an RCU read critical section before returning ctft. The...

CVE-2026-46319

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: Only release RCU read lock after ctft When looking up a flow table in actct in tcfctflowtableget, rhashtablelookupfast internally opens and closes an RCU read critical section before returning ctft. The...