CVE-2026-46267

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

CVE-2026-46267

In the Linux kernel NFC stack (nfc: hci: shdlc), llc_shdlc_deinit() frees the llc_shdlc context while SHDLC timers and state-machine work may still be active. Timer callbacks can schedule sm_work, which accesses SHDLC state and skb queues. If teardown runs concurrently with queued or running work...

CVE-2026-46267

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

OESA-2026-2496 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 "smb: client: fix TCP...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: The process of cleaning up CPU timers before releasing them during execution. The commit 55e8c8eb2c7b “posix-cpu-timers: Store a reference to a pid instead of a task” corrected the behavior where tasks were...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: timers/migration: Fixed an off-by-one root misconnection issue. Before attaching a new root to the old root, the children counter of the new root was checked to ensure that only the top-level groups of the upcoming CPU were...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Timers: A race condition involving NULL function pointers in timershutdownsync has been fixed. There is a race condition between timershutdownsync and timerexpiration, which can lead to a WARNON being triggered in expiretimers...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Fixed a race condition between handleposixcputimers and posixcputimerdel. If a non-autoreaping task that exits has already called exitnotify and calls handleposixcputimers from the IRQ, it may be reaped by its...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm: slub: Avoid waking up kswapd in settrackprepare settrackprepare may cause lock recursion. The issue arises when it is called from hrtimerstartrangens, which holds percpuhrtimerbasesn.lock. However, when CONFIGDEBUGOBJECTSTIME...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: posix-timers: A mechanism is added to prevent livelock in the itimerdelete function. The itimerdelete function contains a retry loop when the timer expires simultaneously. On non-RT kernels, this is simply a spin-wait until the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: split the transmission timer into two parts—transmission and timeout. The timer for the transmission of isotp PDUs previously had two functions: 1. sending two consecutive frames with a specified time interval. 2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 "smb: client: fix TCP timers deadlock after rmmod" is intended to fix a null-ptr-deref in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Properly terminate timers for kernel sockets We received various reports from syzbot regarding TCP timers being fired after the corresponding netns has been dismantled. Fortunately, Josef Bacik was able to trigger this issue...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: hrtimers: Properly handle CPU state during hotplug events. Consider a scenario where a CPU transitions from CPUHPONLINE to CPUHPHRTIMERSPREPARE after a CPU is unplugged, and then back to CPUHPONLINE again. Since the...

Astra Linux - уязвимость в linux-5.10, linux-5.15

It was discovered that when executing from a non-leader thread, armed POSIX CPU timers would remain on a list but would then be freed, resulting in a use-after-free...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Plug potential memory leak in dotimercreate When posix timer creation is set to allocate a given timer ID and the access to the user space value faults, the function terminates without freeing the already allocated...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpftimercancelandfree and bpftimercancel The following race is possible between bpftimercancelandfree and bpftimercancel. It will lead a UAF on the timer-timer. bpftimercancel; spinlock; t = timer-time;...

Astra Linux - уязвимость в linux-5.10, linux, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in a loop searching the ID...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rtc: Check whether the rtcreadtime call was successful in rtctimerdowork. If the rtcreadtime call fails, the struct rtctime tm; structure may contain uninitialized data, or an illegal date/time reading from the RTC hardware may...

EUVD-2026-25363

A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchd...