Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the issue where the RPC client cleaned up the freed pipefs directories. The cleanup of the RPC client’s pipefs directories is handled in the rpcremovepipedir function, which processes the workqueue. This function...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Double-free of rqxprtctxt while it is still in use. When a RPC request is deferred, the pointer rqxprtctxt is moved out of the svcrqst to the svcdeferredreq. When the deferred request is revisited, the pointer is copied...

Astra Linux – Vulnerability in glibc

The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc from version 2.34 onwards copies the path argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the applicati...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Make sure the cache entry is active before calling cacheshow. The function cshow was called with protection from RCU. This only ensures that cp will not be freed. As a result, the reference count of cp can drop to zero,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sunrpc: Clearing the XPRTSOCKUPDTIMEOUT when resetting the transport. Since the transport-sock has been set to NULL during the reset of the transport, the XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the...

SUSE CVE-2026-46265

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

CVE-2026-46265

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

CVE-2026-46265

The CVE-2026-46265 issue affects the Linux kernel RDMA/hns path. When sunrpc is in use and a reset occurs, QP destruction may lead to a WQ_MEM_RECLAIM dependency warning during workqueue flushing, risking kernel instability. The fixed code fixes the WQ_MEM_RECLAIM handling in the RDMA/hns path (Q...

SUSE CVE-2026-45964

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

CVE-2026-45870

A flaw was found in the Linux kernel's SUNRPC Sun Remote Procedure Call authentication GSS Generic Security Service module. This vulnerability occurs due to memory leaks in the XDR eXternal Data Representation decoding error paths within functions like gssxdecctx, gssxdecstatus, and gssxdecname...

EUVD-2026-32248

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

CVE-2026-45964

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

UBUNTU-CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-45964 SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

CVE-2026-45870

CVE-2026-45870 affects the Linux kernel’s SUNRPC auth_gss path. The issue is memory leaks in XDR decoding error paths caused by gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() allocating buffers via gssx_dec_buffer()/kmemdup() and returning on error without freeing previously allocated mem...

CVE-2026-45964

SUNRPC: fix gssauth kref leak in gssallocmsg error path...

PT-2026-43737

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the SUNRPC auth gss component during XDR decoding error paths. The functions gssx dec ctx, gssx dec status, and gssx dec name allocate memory using gssx dec buffer,...

CVE-2026-45870

SUNRPC: authgss: fix memory leaks in XDR decoding error paths...

PT-2026-43831

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kref leak exists in the SUNRPC component. In the gss alloc msg function, a kref get&gss auth-kref call was implemented to balance the gss put auth operation performed in gss release ms...

Linux Distros Unpatched Vulnerability : CVE-2026-45870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which...