CLSA-2026-1779375889 kernel: Fix of 95 CVEs

perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names during attachment Since commit 4c39529663b9 “slab: Warns about duplicate cache names when DEBUGVM=y”, duplicate slab cache names can be detected, and a kernel warning is issued. In the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ubi: Fixed a race condition between ctrlcdevioctl and ubicdevioctl. Hulk Robot reported a KASAN report regarding a use-after-free issue: BUG: KASAN: use-after-free in listdelentryvalid+0x13d/0x160. A size 8 byte read at addres...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed the UAF Use-After-Free issue in the eraseblkcountseqshow function. The wear-leveling entry could be freed during an erroneous path, and this entry might be accessed again in eraseblkcountseqshow, for example: c...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ubi: Ensure that the VID header offset + VID header size ≤ alloc, size. Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: Slab-out-of-bounds in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A issue was discovered in the driver/mtd/ubi/cdev.c file within the Linux kernel 6.2. There is a division-by-zero error in the dodivsz, mtd-erasesize function, which is indirectly used by ctrlcdevioctl, when mtd-erasesize is 0...

CLSA-2026-1778276927 kernel: Fix of 33 CVEs

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - ext4: avoid OOB when system.data xattr changes underneath the filesystem CVE-2024-47701 - gpiolib: cdev: fix uninitialised kfifo CVE-2024-36898 - wifi: mt76: Fix...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: ubiwlputpeb: Fixed an infinite loop that occurred when wear-leveling failed. The following process can trigger an infinite loop in ubiwlputpeb: c ubifsbgt ubibgt ubifslebunmap ubilebunmap ubiebaunmapleb...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: ubi: ubicreatevolume: Fix use-after-free when volume creation failed There is an use-after-free problem for 'ebatbl' in ubicreatevolume's error handling path: ubiebareplacetablevol, ebatbl vol-ebatbl = tbl outmapping:...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed an unreferenced object issue reported by kmemleak in ubiresizevolume. There is also a memory leak issue reported by kmemleak: An unreferenced object with a size of 128 bytes is causing a memory leak: 0xffff888102007a00...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed a use-after-free issue when volume resizing failed. There is a use-after-free problem reported by KASAN: ========================================= BUG: KASAN: Use-after-free in ubiebacopytable+0x11f/0x1c0 ubi A read of...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mtd: Fixed NULL pointer dereferencing caused by the ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereferencing when trying to access ‘gluebi-desc’ in gluebiread. The issue arises...

Important: Red Hat Security Advisory: Red Hat Update Infrastructure 5.1 security update

The latest release of Red Hat Update Infrastructure. For more details, see the product documentation. Red Hat Update Infrastructure RHUI container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images. This release updates to the latest version...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013562)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013562 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013811 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix UAF wear-leveling entry in eraseblkcountseqshow Wear-leveling entry could be freed in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013384)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013384 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011114)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011114 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: ubiwlputpeb: Fix infinite loop when wear-leveling work failed Following process will trigger...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011138)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011138 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007450)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007450 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported b...