Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40278)

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel- infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: split the transmission timer into two parts—transmission and timeout. The timer for the transmission of isotp PDUs previously had two functions: 1. sending two consecutive frames with a specified time interval. 2...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: Do not queue data on closed subflows. Dipanjan reported a critical bug fix at the right time: WARNING: CPU: 1 PID: 10818 at net/ipv4/afinet.c:153 inetsockdestruct+0x6d0/0x8e0 net/ipv4/afinet.c:153 Linked modules:...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an warning in ext4updateinlinedata. Syzbot identified the following issue: EXT4-fs loop0: Mounted a filesystem with PID 5071 at file mm/pagealloc.c:5525 allocpages+0x30a/0x560. Quota mode: None. fscrypt:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cgroup: Added the missing cpusreadlock function to cgroupattachtaskall. The syzbot tool encounters a warning regarding percpurwsemassertheld&cpuhotpluglock when calling cpusetattach 1. This issue was missed because cpusetattach i...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: Device name buffers passed to the device replace function are properly validated for string termination. This prevents a read out of bounds situation in the getnamekernel function. There is a syzbot report...

kernel: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: account for Ethernet header in nfflowpppoeproto syzbot found a potential access to uninit-value in nfflowpppoeproto Blamed commit forgot the Ethernet header. BUG: KMSAN: uninit-value in...

CVE-2026-43474

In the Linux kernel, the following vulnerability has been resolved: fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the "get" context where the kernel's internal filekattr structure is initialized before calling vfsfileattrget, we should use t...

CVE-2026-43474 fs: init flags_valid before calling vfs_fileattr_get

In the Linux kernel, the following vulnerability has been resolved: fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the "get" context where the kernel's internal filekattr structure is initialized before calling vfsfileattrget, we should use t...

SUSE CVE-2026-43166

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

SUSE CVE-2026-43209

In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minixchecksuperblock The fs/minix implementation of the minix filesystem does not currently support any other value for slogzonesize than 0. This is also the only value supported in...

EUVD-2026-27787

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...

EUVD-2026-27770

In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minixchecksuperblock The fs/minix implementation of the minix filesystem does not currently support any other value for slogzonesize than 0. This is also the only value supported in...

EUVD-2026-27729

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

CVE-2026-43228

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...

CVE-2026-43209

In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minixchecksuperblock The fs/minix implementation of the minix filesystem does not currently support any other value for slogzonesize than 0. This is also the only value supported in...

CVE-2025-71292

In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...

CVE-2025-71292 jfs: nlink overflow in jfs_rename

In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...

CVE-2026-43228

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...

CVE-2026-43209

CVE-2026-43209 – minix filesystem sanity check in Linux kernel : The minix filesystem implementation lacked proper sanity checks in minix_check_superblock(), notably for s_log_zone_size, which the patch now enforces (only 0 is supported). The update also adds sanity checks for other superblock fi...