Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disabling bottom softirqs as part of spinlockirq on PREEMPTRT sndpcmgrouplockirq acquires a spinlockt and disables interrupts via spinlockirq. This also implicitly disables the handling of softirqs such as TIMERSOFTIRQ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: The TOCTOU race condition in raininterrupt has been fixed. In the interrupt handler raininterrupt, the check for buffer fullness on rain-buflen is performed before acquiring rain-buflock. This creates a...

UBUNTU-CVE-2026-46298

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

CVE-2026-46298

CVE-2026-46298 : In the Linux kernel, a race during ioctl or release handling on pseries/papr-hvpipe could deadlock if an interrupt fires on the same CPU. The fix makes the affected lock usage use spin_lock_irqsave/restore to prevent the deadlock. The issue is resolved by the patch in the cited s...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: ufs: core: mcq: Fix for the deadlock issue caused by &hwq-cqlock When the ufscdhandleerrhandler function is executed, the CQ event interrupt may enter a waiting state for the same lock. This can occur in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: The spinlock call in rustshrinkfreepage has been removed. When porting Rust Binder to version 6.18, I overlooked including the commit fb56fdf8b9a2 “mm/listlru: split the lock to per-cgroup scope” in the consideration...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: blk-iocost: Use spinlockirqsave in adjustinuseandcalccost. The adjustinuseandcalccost function uses spinlockirq, and IRQ will be enabled when unlocking. A DEADLOCK may occur if other locks are held and IRQs are disabled before...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the isotprcv function, there is a potential issue where race conditions may occur during CAN frame reception. When receiving a CAN frame, the current code logic does not consider processes that are not actually running in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock issues When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array...

CVE-2026-43340

A flaw was found in the comedi subsystem of the Linux kernel. This vulnerability arises when a comedidevice is reattached to different low-level drivers using the COMEDIDEVCONFIG ioctl command. A local user with appropriate privileges could exploit this by repeatedly attaching the device, leading...

CVE-2026-43083 net: ioam6: fix OOB and missing lock

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...

CVE-2026-43083

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...

CVE-2026-43083

The CVE pertains to Linux kernel ioam6: a fix for an out-of-bounds access in skb_get_tx_queue when is_input is true, caused by a RX->TX queue-mapping mismatch (ingress device having more RX queues than egress TX queues). The issue could access dev->_tx[] beyond its bounds. A lock around qdi...

SUSE CVE-2026-31756

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: gadget: Fix spinlock/unlock mismatch in dwc2hsotgudcstop dwc2gadgetexitclockgating internally calls callgadget macro, which expects hsotg-lock to be held since it does spinunlock/spinlock around the gadget driver...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed a race condition related to command flushing flows. Fixed a “use-after-free” warning due to a race condition involving command entries. This race condition occurs when one command releases its last reference...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a hard lockup issue when reading the rxmonitor from debugfs. During I/O operations and simultaneous reads of /sys/kernel/debug/lpfc/fnX/rxmonitor, a hard lockup similar to the call trace below may occur. The...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: tty: serial: Fixed a deadlock in sa1100settermios There is a deadlock in sa1100settermios, as shown below: Thread 1 | Thread 2 | sa1100enablems sa1100settermios | modtimer spinlockirqsave //1 | Wait for a while ... |...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192u: Fixed a deadlock in ieee80211beaconsstop There is a deadlock in ieee80211beaconsstop, as shown below: Thread 1 | Thread 2 | ieee80211sendbeacon ieee80211beaconsstop | modtimer spinlockirqsave //1 | Wai...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock The smpcallfunction always runs its callback in a hard IRQ context, even when running under PREEMPTRT, where spinlocks may be in a sleeping state. Therefore, we need to use a raw...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SELinux: The use of both GFPKERNEL and GFPATOMIC in convertcontext was enabled. The following warning was triggered in a hardware environment: SELinux: Converting 162 SID table entries... BUG: The sleeping function was called...