373 matches found
PT-2026-44239
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm state lists in xfrm state delete KASAN reproduces a slab-use-after-free in xfrm state delete's hlist del rcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable vi...
CVE-2026-45861
CVE-2026-45861 refers to a Linux kernel vulnerability in the GFS2 file system. The root cause is a slab-use-after-free: during filesystem shutdown, quota data objects were freed without being removed from the LRU list due to the change in the a475c5dd16e5 sequence. As a result, the shrinker (gfs2...
CVE-2026-45861
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a slab-use-after-free in ext4splitextentat. We encountered the following use-after-free issues: BUG: KASAN: slab-use-after-free in ext4splitextentat+0xba8/0xcc0 Read of size 2 at addr ffff88810548ed08 by task...
Astra Linux - уязвимость в linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: fixed a slab-use-after-free issue in decodeSession6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sentskb may be modified during enqueuing. This can lead to a slab-use-after-free when the xfr...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in fscachewithdrawvolume We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Scsi: sg: Fix slab-use-after-free issue in sgrelease A use-after-free bug was fixed in sgrelease, detected by syzbot with KASAN: Bug: KASAN: Slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...
Linux Distros Unpatched Vulnerability : CVE-2026-31669
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability...
CVE-2026-31669
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...
CVE-2026-31669 mptcp: fix slab-use-after-free in __inet_lookup_established
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013037)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013037 advisory. In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010818)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010818 advisory. In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006979)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006979 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc ...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007249)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007249 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the s...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006738)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006738 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006722)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006722 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the s...