PT-2026-07: Local Privilege Escalation Vulnerability in the Linux Kernel (Copy Fail)

This security advisory provides information regarding a Linux kernel vulnerability, CVE-2026-31431 , informally known as Copy Fail. This vulnerability allows for local privilege escalation to the superuser root level and affects the Linux kernel module: algifaead. Vulnerability status : PT NGFW i...

Linux Distros Unpatched Vulnerability : CVE-2026-45973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for U...

CVE-2026-45963

A flaw was found in the Linux kernel's ASoC nau8821 driver. This vulnerability occurs when the driver is unloaded, and a pending jack detection work jdetwork is not properly cancelled or allowed to complete. An attacker could exploit this by triggering the driver unload under specific conditions,...

CVE-2026-45973

A flaw was found in the Linux kernel's RDMA/mlx5 driver. A race condition during firmware reset in Link Aggregation Group LAG mode can cause the driver to hang indefinitely while waiting for Unregister Memory Region UMR completion during device unload. This can lead to a denial of service, making...

EUVD-2026-32257

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for UMR completion during device unload. See 1. In LAG mode the bond devic...

CVE-2026-45973 RDMA/mlx5: Fix UMR hang in LAG error state unload

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for UMR completion during device unload. See 1. In LAG mode the bond devic...

CVE-2026-45973

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for UMR completion during device unload. See 1. In LAG mode the bond devic...

CVE-2026-45973

Summary: CVE-2026-45973 affects the Linux kernel RDMA mlx5 stack, causing an indefinite hang during device unload in LAG mode due to a race between master/slave error handling and UMR completion. The root cause is that, in LAG, the bond device is registered only on the master and may miss sys_err...

CVE-2026-45963

The CVE-2026-45963 issue affects the Linux kernel ASoC nau8821 driver. The vulnerability arises when unloading the driver while a jack-detection work (nau8821_jdet_work) is pending, which could lead to a kernel crash (page fault in mutex_lock path) during scheduled execution. Affected component/f...

CVE-2026-45973

RDMA/mlx5: Fix UMR hang in LAG error state unload...

PT-2026-43840

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for UMR completion during device unload. See 1. In LAG mode the bond devic...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the lockdep assertion that occurred during the sync reset unload event. The lockdep assertion was triggered during the sync reset unload event. When the sync reset flow is initiated using the devlink reload...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload A system crash is observed due to a stack trace warning related to the use after free operation. There are two signals that can cause dpcthread to terminate: the UNLOADING flag and...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: gpio: aggregator: Protect driver attr handlers against module unload Both newdevicestore and deletedevicestore interact with module global resources e.g., gpioaggregatorlock. To prevent race conditions during module unloading,...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel before version 6.4.5, the file driver/gpu/drm/drmatomic.c contained a use-after-free during a race condition between a nonblocking atomic commit and a driver unloading process...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The rcubarrier function was called in ksmbdserverexit. The bug is triggered due to racing between closing a connection and the rmmod operation. In ksmbd, rcubarrier is not called at the time of module unloading, so nothing...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: Fixed null-ptr-deref in socklockinitclassandname and rmmod. When I ran the reproduction steps and waited for a few seconds, I observed two LOCKDEP errors: a warning followed immediately by a null-ptr-deref. Reproduction Step...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not call cleanup on profile rollback failure When profile rollback fails in mlx5enetdevchangeprofile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not calling profile-cleanu...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: Fixed the issue where the host would hang during device reboot. When the host loses heartbeat messages from the device, the driver calls the device-specific ndostop function, which frees the resources. If the driver is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed an oops error when unloading drivers that are parallel to each other. When the hclge driver is unloaded, it attempts to disable sriov first for each aedev node from hnae3aedevlist. If the hns3 driver is unloaded ...