Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Team: Fix for checking whether the port is enabled in teamqueueoverrideportpriochanged. A syzkaller bug was recently reported with the following trace: listdel corruption; ffff888058bea080-prev is LISTPOISON2 dead000000000122...

SUSE CVE-2026-43228

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsi.debug: Fixed an out-of-bound read in respreporttgtpgs. The following issues were observed while running syzkaller: BUG: KASAN: Out-of-bound access in memcpy in include/linux/string.h:377 inline. BUG: KASAN:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013203)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013203 advisory. In the Linux kernel, the following vulnerability has been resolved: net: add vlangetprotocolanddepth helper Before blamed commit, pskbmaypull was used instead of...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21790)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21790 advisory. - In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlanvnigroupinit return...

CVE-2025-71091

In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...

UBUNTU-CVE-2025-71091

In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...

Linux Distros Unpatched Vulnerability : CVE-2025-71091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993068)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993068 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4mbclearbb Block range to free is validated ...

UBUNTU-CVE-2023-53862

In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel BUG at fs/hfs/bnode.c:466! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kworker/u4:5 Not tainted...

EUVD-2025-36976

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

kernel: tcp: Correct signedness in skb remaining space calculation

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...

DEBIAN-CVE-2025-38463

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...

UBUNTU-CVE-2025-38463

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...

SUSE CVE-2025-38207

In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pte be overwritten when expanding vma". This patch of 4: We encountered a BUG alert triggered by Syzkaller as follows: BUG: Bad rss-counter state...

CVE-2025-38207

In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pte be overwritten when expanding vma". This patch of 4: We encountered a BUG alert triggered by Syzkaller as follows: BUG: Bad rss-counter state...

CVE-2025-21794 HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix stack-out-of-bounds read in usbcheckintendpoints Syzbot1 has detected a stack-out-of-bounds read of the epaddr array from hid-thrustmaster driver. This array is passed to usbcheckintendpoints function...

UBUNTU-CVE-2024-57993

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmasterprobe by adding endpoint check syzbot has found a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver1. There is a number...

CVE-2022-49532 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...

CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...