Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: Added missing TID updates when the CPU slab is deactivated. The fastpath in slaballocnode assumes that c-slab remains stable as long as the TID remains the same. However, there are two places in slaballoc where the TI...

CVE-2023-54265

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable access bug in ip6makeskb Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in archatomic64inc arch/x86/include/asm/atomic6464.h:88 inli...

CVE-2025-40348 slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts

In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab-objexts in allocslabobjexts If two competing threads enter allocslabobjexts and one of them fails to allocate the object extension vector, it might override the valid slab-objexts allocated by the other...

EUVD-2022-54535

Malicious code in bioql PyPI...

CVE-2022-50335

In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the refcount will be zero if it is reused, but if the request is newly allocated from slab, it is not fully initialized before being added...

CVE-2022-50335 9p: set req refcount to zero to avoid uninitialized usage

In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the refcount will be zero if it is reused, but if the request is newly allocated from slab, it is not fully initialized before being added...

DEBIAN-CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

DEBIAN-CVE-2022-49950

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-allocated session...

CVE-2025-37774 slab: ensure slab->obj_exts is clear in a newly allocated slab page

In the Linux kernel, the following vulnerability has been resolved: slab: ensure slab-objexts is clear in a newly allocated slab page ktest recently reported crashes while running several buffered io tests with alloctaggingslaballochook at the top of the crash call stack. The signature indicates ...

PT-2025-18455 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc1-ktest-g189e17946605 19327 Description: A vulnerability in the Linux kernel has been resolved, which was causing crashes while running buffered io tests with alloc tagging slab alloc hook at the top of...

Linux Distros Unpatched Vulnerability : CVE-2022-49700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/slub: add missing TID updates on slab deactivation The fastpath in slaballocnode assumes that c-slab is stable as long as the TID stays the same. However, tw...

CVE-2022-49700

CVE-2022-49700 is a Linux kernel SLUB allocator bug: the fastpath in slab_alloc_node() can race with slab deactivation, allowing a mismatch where c->slab/c->freelist become inconsistent and can lead to a use-after-free or a page freeing while it still contains slab objects. The issue is tie...

CVE-2024-46789

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s-flags in the alloctaggingslabfreehook When enable CONFIGMEMCG & CONFIGKFENCE & CONFIGKMEMLEAK, the following warning always occurs,This is because the following call stack occurred: mempoolalloc...

PT-2025-37637

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's 9p protocol implementation where the reference count of a request is not properly initialized. Specifically, when a new request is allocated and...

UBUNTU-CVE-2017-7889

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...