Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as a RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver’s TXEN pin. When the TTY port is closed mid-transmission e.g....

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fixed by using eswitch mapping in nic mode The cited patch uses the eswitch object mapping pool when in nic mode, where it is not initialized. This results in the trace below 0. The fix involves using either the ni...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fixed the deletion of tc flowers for VLAN priority-based frame steering. To reproduce the issue: 1 Add a tc flower filter for VLAN Priority-based frame steering: $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress...

Astra Linux - уязвимость в linux-5.10, linux

The atmtcenqueue function in the net/sched/schatm.c file of the Linux kernel, as of version 6.1.4, allows attackers to cause a denial of service due to type confusion. In some cases, non-negative numbers can indicate a TCACTSHOT condition instead of valid classification results...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Delete flows only for existing peers. When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This prevents touching non-existent peers and ensures that...

Malicious code in @tc-core/campus-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c58f691cfdb7301c271067776e2e3bc260d4cbb8880345d03e840729d849b580 The package @tc-core/campus-service was found to contain malicious code. Source: ossf-package-analysis...

SUSE CVE-2026-43215

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the...

openSUSE 16 Security Update : iproute2 (openSUSE-SU-2026:20696-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20696-1 advisory. Security issues fixed: - CVE-2024-58251: terminal lock up via ANSI terminal escape sequence set in argv0 bsc1254324. Other updates and bugfixes: - Fix...

EUVD-2026-27777

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the...

CVE-2026-43215

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the...

CVE-2026-43215

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the...

CVE-2026-43215

The CVE-2026-43215 issue affects the Linux kernel CIFS implementation: the code used cifs_tcp_ses_lock to guard tcon fields, but this lock protected more than intended. The patch introduces more granular locking (tc_lock) within tcon-related structures (in addition to srv_lock and ses_lock) to re...

Astra Linux - уязвимость в linux, linux-5.10

There is a use-after-free in the Linux kernel’s tcnewtfilter module, which could allow a local attacker to gain privilege escalation. This vulnerability requires unprivileged user namespaces for exploitation. We recommend upgrading to a version after commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: net:sched: fixed a possible refcount leak in tcnewtfilter. It is necessary to call tfilterput to store the refcount obtained from tp-ops-get, to avoid possible refcount leaks when chain-tmpltops != NULL and chain-tmpltops !=...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential memory leak in otx2inittc In otx2inittc, if rhashtableinit failed, it does not free tc-tcentriesbitmap which is allocated in otx2tcallocentbitmap...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actct: fix skb leak and crash on ooo frags actct adds skb-users before defragmentation. If frags arrive in order, the reference of the last frag is reset in inetfragreasmprepare, skbmorph. This is not straightforwar...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...

OESA-2026-2075 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007052 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbmod: prevent kernel-infoleak syzbot found that tcfskbmoddump was copying four...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013025 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN...