Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpfastopenblackholetimeout. When reading sysctltcpfastopenblackholetimeout, it can be changed concurrently. Therefore, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: SCO: Fixed UAF in scosocktimeout. The conn-sk might have been unlinked/freed while waiting for scoconnlock. Therefore, this check determines whether conn-sk is still valid by verifying that it is part of scosklist...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nbd: fixed the race condition between timeout and normal completion. If the request for a timeout is handled by nbdrequeuecmd, normal completion must be stopped to avoid completing this queued request. This can lead to other...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Disallow anonymous sets with a timeout flag. Anonymous sets are never used with a timeout setting from the user space; therefore, this behavior should be rejected. An exception to this rule is NFTSETEVAL, to...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Use a timestamp to check whether the set element has timed out. A timestamp field is added at the beginning of the transaction; it is stored in the nftablespernetns area. The methods .insert, .deactivate,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The bdcnt field in the TX BD must be properly masked. The bdcnt field in the TX BD specifies the total number of BDs for the TX packet. This field consists of 5 bits, and the maximum supported value is 32 with a value of ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: The command completion timeout has been increased. The commit 130a96d698d7 “usb: typec: ucsi: acpi: Increase command completion timeout value” increased the timeout from 5 seconds to 60 seconds due to issues relate...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: The state lock is taken during the txtimeout Reporter. The function mlx5esafereopenchannels requires the state lock to be taken. The changes referenced in the “Fixes” section removed the lock requirement to address...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ravb: Fixed the use-after-free issue in ravbtxtimeoutwork. The ravbstop function should call cancelworksync. Otherwise, ravbtxtimeoutwork may use the freed private data after ravbremove is called, as follows: CPU0 CPU1...

Astra Linux - уязвимость в xen

Inappropriate x86 IOMMU timeout detection/handling: IOMMU processes commands that are issued in parallel with the operation of the CPUs that issue those commands. In the current implementation in Xen, asynchronous notifications of the completion of such commands are not used. Instead, the issuing...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: TCP: Avoid too many retransmitted packets If a TCP socket uses TCPUSERTIMEOUT, and the other peer retracts its window to zero, tcpretransmittimer may retransmit a packet every two milliseconds for HZ=1000, for approximately 4...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fixed a crash in fnicwqcmplhandler when FDMI times out. When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. Upon completion of the sending, this leads to a attempt to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them as SCSI devices in a guest VM. I/O to the vFC device is handled by the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not properly handled in lpfcgetsfpinfo. This function，。The problem is that in cases of MBXTIMEOUT, when the firmware returns SFP information late...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoided data corruption caused by decline. We identified a data corruption issue during testing of SMC-R in Redis applications. The benchmark has a low probability of reporting a strange error, as shown below: “Error:...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/lima: The mask for IRQs is set to timeout before a hard reset occurs. There is a race condition in which a rendering job may take just long enough to trigger the timeout handler for the DRM sched job, but it still completes...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021572 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: avoid double -queuerq because of early timeout David Jeffery found one double -queuerq...

CVE-2026-46727 - Use-after-free in pthread-based getaddrinfo timeout handler

SUMMARY A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that calls Addrinfo.getaddrinfo..., timeout: o...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021585 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021647 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL...