Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reordering cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedule the spudmawork, and the spudmawork could also arm the dreamcastcard-timer. When the sndpcmsubstream is closing, the aicachanne...

Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.42 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in...

SUSE-SU-2026:20866-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

CVE-2026-22997 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

EUVD-2022-55907

In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dmintegritydtr Dmintegrity also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in dmintegritydtr...

CVE-2022-50843 dm clone: Fix UAF in clone_dtr()

In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clonedtr Dmclone also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in clonedtr...

AZL-47604 CVE-2024-42239 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...

kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel

A use-after-free flaw was found in the Linux kernel’s BPF functionality. This flaw allows a local user to crash the system...

kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel

A use-after-free flaw was found in the Linux kernel’s BPF functionality. This flaw allows a local user to crash the system...

AZL-62510 CVE-2024-41045 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...

DEBIAN-CVE-2024-41023

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix taskstruct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak concerning the...

CVE-2024-41023

CVE-2024-41023 — Linux kernel vulnerability in sched/deadline: a task_struct reference leak occurs when a timer is canceled before expiration after start_dl_timer() increments the refcount. The leak happens because the timer callback is supposed to decrement the reference count, but an early-canc...

PT-2024-29225

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the bpf timer cancel and free function in the Linux kernel, where two timer callbacks trying to cancel each other can lead to a deadlock situation. This can be...

DEBIAN-CVE-2024-26737

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpftimercancelandfree and bpftimercancel The following race is possible between bpftimercancelandfree and bpftimercancel. It will lead a UAF on the timer-timer. bpftimercancel; spinlock; t = timer-time;...