836 matches found
SUSE CVE-2026-53243
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...
Linux Distros Unpatched Vulnerability : CVE-2026-53012
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all group...
Linux Distros Unpatched Vulnerability : CVE-2026-52992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/adfs: validate nzones in adfsvalidatebblk Reject ADFS disc records with a zero zone count during boot block validation, before the disc record is used. When...
CVE-2026-52992
CVE-2026-52992 concerns the Linux kernel ADfS boot-block validation. The vulnerability arises in fs/adfs when nzones is 0: adfs_read_map() passes 0 to kmalloc_array, returning ZERO_SIZE_PTR, and adfs_map_layout() then writes to dm[-1], causing an out-of-bounds write before the allocated buffer. T...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed a memory leak when the block address of a non-inlined pcluster is zero. Syzkaller reported a memory leak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed Unreferenced object...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: htchst: In the ath9khtcrxmsg function, if there is no callback function, the provided skb is not freed. It is stated that ath9khtcrxmsg either frees the provided skb or passes its management to another callback...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instanceDestroyrcu syzbot reported that nfreinject could be called without rcureadlock: WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, the splat operation in skbpullreason can cause an issue. The syzkaller build with CONFIGDEBUGNET=y frequently triggers a debug hint in skbmaypull. We would like to keep this debug check because it might indicate...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: PID: Taking a reference when initializing cadpid During boot, kernelinitfreeable initializes cadpid to the struct pid of the init task. Later, we may change cadpid via sysctl. When this happens, procdocadpid will increment the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Block, bfq: Fixed a potential UAF issue for bfqq-bic when using the merge chain. 1 Initial state: Three tasks: - Process 1 Process 2 Process 3 - BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | V | V | V bfqq1 bfqq2 bfqq3 Process referenc...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cdrom: The check for lastmediachange has been rearranged to avoid unintentional overflow. When running syzkaller with the newly reintroduced signed integer wrap sanitizer, we encounter this error: 366.015950 UBSAN:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arpreqget. Syzkaller reported an overflow during the write operation in arpreqget. 0 When the ioctlSIOCGARP function is called, arpreqget retrieves a neighbor entry and copies neigh-ha to struct...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsi.debug: Fixed an out-of-bound read in respreporttgtpgs. The following issues were observed while running syzkaller: BUG: KASAN: Out-of-bound access in memcpy in include/linux/string.h:377 inline. BUG: KASAN:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: removed the unnecessary WARNON function in the implement function. The syzkaller triggered a warning 1 when calling implement, attempting to write a value into a field of smaller size in an output report. Since impleme...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fallback earlier on simultaneous connections Syzkaller reports a race condition in simultaneous connections that leads to inconsistent fallback behavior. Status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: TCP: Fixed corruption in MPTCP’s DSS due to large PMTU transmissions. Syzkaller was able to trigger DSS corruption: - TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ Cut here...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increment the refcount. syzkaller identified a race condition where IOMMUFDDESTROY increments the refcount: c obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger a lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in notifiers is problematic, so we skip adding the lapbeth...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ppp: Associating skb with a device at tx. Syzkaller triggered a flow dissector warning with the following code: c r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc0802, 0x0 ioctl$PPPIOCNEWUNITr0, 0xc004743e,...