CVE-2026-46249 octeontx2-af: Fix PF driver crash with kexec kernel booting

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: crypto: ccp – Fixed null pointer dereference in sevplatformshutdownlocked. The SEV platform device can be shut down with a null pspmaster, for example, using DEBUGTESTDRIVERREMOVE. This issue was discovered using KASAN...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The FW DMA is stopped in bnxtshutdown. The netifclose call in bnxtshutdown only stops packet DMA. There may be FW DMA for trace logging recently added, which will continue. If we execute an kexec to a new kernel, the DMA...

EUVD-2025-201858

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...

CVE-2025-40344 ASoC: Intel: avs: Disable periods-elapsed work when closing PCM

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...

CVE-2021-47110

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machineshutdown hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corruption e.g. on restore...

BIT-CONTOUR-2020-15127 Denial of service in Contour

In Contour Ingress controller for Kubernetes before version 1.7.0, a bad actor can shut down all instances of Envoy, essentially killing the entire ingress data plane. GET requests to /shutdown on port 8090 of the Envoy pod initiate Envoy's shutdown procedure. The shutdown procedure includes...

How to gracefully shutdown SD WAN

This articles talks about the procedure on how to shutdown the SD WAN when there is any maintenance activity in place in the DC or Branch...