Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix for shift-out-of-bounds The shift operation on the ‘exp’ and ‘shift’ variables exceeds the maximum number of shift values in the u32 range, resulting in a UBSAN shift-out-of-bounds error. … 6.120512 UBSAN:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fixed an out-of-bounds situation in switchtecntbmwsettrans. There is a kernel API called ntbmwcleartrans, which passes 0 to both addr and size. This would cause xlatepos to become negative. 23.734156 switchtec...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the return result of sbminblocksize Syzkaller reports a bug named “UBSAN: out-of-bounds access in squashfsbioread”. Syzkaller forks multiple processes. After mounting the Squashfs filesystem, it issues an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: mac80211: Set nchannels after allocating the structcfg80211scanrequest structure. Make sure that nchannels is set after allocating the structcfg80211registereddevice::intscanreq member. This issue was identified using...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nbd: Fixed incomplete validation of ioctl arguments. We identified an alarm caused by incomplete validation of ioctl arguments without proper verification. The UBSAN warning appears as follows: UBSAN: Undefined behavior in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fixed a out-of-bounds situation in iovabitmapoffsettoindex. A UBSAN out-of-bounds issue was addressed in iovabitmapoffsettoindex, where shifting the constant “1” of type int by bitmap-mapped.pgshift a unsigned...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not return “unset power” in ieee80211gettxpower. We may receive a UBSAN warning if ieee80211gettxpower returns the INTMIN value that mac80211 internally uses for “unset power level”. UBSAN:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ACPICA: Added the AMLNOOPERANDRESOLVE flag to the Timer instruction. ACPICA commit: 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no arguments are required to be passed for the ASL Time...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iscsistart: A UBSAN out-of-bounds warning has been fixed in ibftattrshownic. When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix length is 64,...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use a u64 type for the bankmap. The maximum number of MCA banks is 64 MAXNRBANKS; see a0bc32b3cacf “x86/mce: Increase the maximum number of banks to 64”. However, the bankmap, which contains a bitfield indicating whi...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Atacade: Ahci: Matching EMMAXSLOTS with SATAPMPMAXPORTS UBSAN reports an array-index-out-of-bounds issue: 1.980703 Kernel: UBSAN: Array-index out of bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 1.980709...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute The syzbot found that the TCAFLOWRSHIFT attribute was not validated. Shifting a 32-bit integer is undefined for large shift values. UBSAN: Shift-out-of-bounds in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fixed the "UBSAN: shift-out-of-bounds error" issue. This patch ensures that the RX ring size rxpending is not set below the permitted limit. This prevents UBSAN shift-out-of-bounds errors when users specify small or...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/compaction: Fixed the UBSAN shift-out-of-bounds warning. Syzkaller reported a UBSAN shift-out-of-bounds warning related to 1UL order in isolatefreepagesblock. The bogus compoundorder value can be any value, as it is a union wi...

Linux Distros Unpatched Vulnerability : CVE-2026-46307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out- of-bounds access as shown by the UBSAN kernel message:...

CVE-2026-46307

CVE-2026-46307 affects the Linux kernel ath5k driver, where a UBSAN-detected array-index-out-of-bounds in ath5k_tasklet_tx can write beyond a 4-entry ieee80211_tx_rate array, potentially overwriting the next info->status field (ack_signal). Rootcause: ts_final_idx may be 3, causing an out-of-b...

CVE-2026-46293

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...

PT-2026-47365

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs in the mpfs-ccc clock driver during the registration of the last two outputs. This happens because the hws array is allocated space for two PLLs and their...

CVE-2026-0067

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0043

In multiple functions of ubsanthrowingruntime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...