EUVD-2026-38856

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

CVE-2026-52988

The CVE-2026-52988 entry concerns the Linux kernel’s netfilter nf_tables path, where a join hook list is updated via splice_list_rcu() during commit phase. This mechanism is used to publish new hooks into basechain/flowtable; the change aims to ensure safe netlink dump list traversal by RCU trave...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix for unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector does not update the stream-transferred value, and it retains its initial LONGMAX value...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: Do not replace a page in the rqpages array if it is a continuation of the last page. The splice read function calls nfsdspliceactor to place the pages containing file data into the svcrqst-rqpages array. However, it is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fuse: We are returning to using readaheadfolio for readahead. In commit 3eab9d7bc2f4 “fuse: converting readahead to use folio”, the logic was changed to use the new folio version of readahead. This change removes the reference to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/cmdnet: fixed incorrect argument types for skbqueuesplice. If retrying timestamp retrieval is necessary and the local list of SKBs already contains entries, then those entries are spliced back into the socket queue...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, do not write to the msggetinq field in the callee. This issue involves fixing the problem of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a warning in smcrxsplice, when calling getpage The smcloregisterdmb function allocates DMB buffers using kzalloc, which are later passed to getpage in smcrxsplice. Since kmalloc memory is not page-backed, this...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: exfat: A missing shutdown check was fixed. xfstests generic/730 test failed: After deleting a device that still contained dirty data, the file could still be read without returning an error. The reason is the missing shutdown...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv4, ipv6: Fixed the handling of transhdrlen in ip,6appenddata. Including transhdrlen in the packet length is a problem when the packet is partially filled e.g., a sendMSGMORE operation occurred previously when appending to a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: tls: Fixed a NULL dereference issue in tlsswspliceeof, where an empty plaintext/ciphertext buffer could cause confusion in the sendfile process. When the plaintext/ciphertext skmsg is empty, the send path becomes confused because...

dirtyfrag

Dirty Frag Overview Dirty Frag is a class of Linux ke...

-authencesn-poc

authencesn-poc Mrowl made by c0redev https://unitdev.run...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Copy Fail — Python PoC CVE-2026-31431 This is a compact Pyt...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...

Astra Linux - уязвимость в linux-5.10

There exists a use-after-free vulnerability in the Linux kernel through the iouring mechanism and the IORINGOPSPLICE operation. If the IORINGOPSPLICE operation lacks the IOWQWORKFILES flag, it indicates that the operation will not utilize current-nsproxy. As a result, the reference counter is not...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A memory write flaw that is outside the bounds of the system’s security was discovered in the Linux kernel’s Transport Layer Security functionality. This flaw allows a local user to cause a crash or potentially escalate their privileges on the system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: TLS – Fix for the WARNING message when using skmsgfree. A splice operation with MSGSPLICEPAGES causes the TLS sendmsg code to use the tlsswsendmsgsplice path to move the user-provided pages from the msg buffer to the msgpl...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag - kernel Linux critical Vulnerability- CVE-2026-432...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Linux Kernel AFALG "Copy Fail" Local Privile...