787 matches found
CVE-2026-10667
Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...
CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads
Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...
CVE-2026-10667
Zephyr CVE-2026-10667 affects SMP builds with CONFIG_USERSPACE and dynamic objects (CONFIG_DYNAMIC_OBJECTS). The bug is a use-after-free in the dynamic kernel-object tracker: k_object_wordlist_foreach() iterates obj_list under lists_lock while removals and frees occur under objfree_lock/obj_lock,...
CVE-2026-53008 ice: fix race condition in TX timestamp ring cleanup
In the Linux kernel, the following vulnerability has been resolved: ice: fix race condition in TX timestamp ring cleanup Fix a race condition between icefreetxtstampring and icetxmap that can cause a NULL pointer dereference. icefreetxtstampring currently clears the ICETXFLAGSTXTIME flag after...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disabling MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this period e.g., from...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevents corruption of pcp with SMP=n. The kernel test robot has reported: BUG: Spinlock trylock failure on CPU0, kcompactd0/28. Lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0. CPU: ...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23025)
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...
EUVD-2026-32774
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...
CVE-2026-46147
CVE-2026-46147 concerns the Linux kernel KVM on ARM64, where two bugs in vCPU initialisation can leak pin references to host vCPU/SVE pages and allow observation of a partially initialised vCPU object. The fixes extract a helper for vCPU registration, ensure proper unpinning on error, and enforce...
Linux Distros Unpatched Vulnerability : CVE-2026-46063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack...
CVE-2026-46063 x86/shstk: Prevent deadlock during shstk sigreturn
In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed a preempt count leak in the napi poll tracepoint. Using getcpu in the tracepoint assignment causes an obvious preempt count leak, because nothing invokes putcpu to undo it. softirq: Huh, entered softirq 3 for NETRX...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fixed a use-after-free bug in smpexecutetasksg When executing an SMP task fails, the smpexecutetasksg function calls deltimer to delete the “slowtask-timer” timer. However, if the timer handler sastaskinternaltimedo...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: MIPS: smp: fill in sibling and core maps earlier After enabling CONFIGSCHEDCORE landed during 5.14 cycle, 2-core 2-thread-per-core interAptiv CPS-driven started emitting the following messages: 0.025698 CPU1 revision is:...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ARM: rockchip: fixed a kernel hang during SMP initialization To enable the secondary CPUs’ main CPU write trampoline code to SRAM, the trampoline code is written while the secondary CPUs are powered on at least this is true fo...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock The smpcallfunction always runs its callback in a hard IRQ context, even when running under PREEMPTRT, where spinlocks may be in a sleeping state. Therefore, we need to use a raw...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Net: Bridge – Use DEVSTATSINC The syzbot/KCSAN reported a data race in the brhandleframefinish function 1. This function can be executed on multiple CPUs without mutual exclusion. It is recommended to use the SMP-safe DEVSTATSINC...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed the call trace observed during I/O with CMF enabled. The following issue was observed with CMF enabled: BUG: Using smpprocessorid in a preemptible context. Code: systemd-udevd/31711 Kernel: Caller is...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021563)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021563 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the...
CVE-2026-32848
NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodevop within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit...