Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1816)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1816 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update CVE-2026-23171 In the Linux kernel, the following...

OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fixed the issue with the hash calculation for hugetlb faults involving mutexes. In mfillatomichugetlb, the linearpageindex function is used to calculate the page index for hugetlbfaultmutexhash. However,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: a race between writeprotect and exitmmap has been fixed. A race may occur when a process exits; its virtual memory addresses are removed by exitmmap, and at the same time, userfaultfdwriteprotect is called. This race...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: PTEs are reset when using close, especially for entries protected by wr. The userfaultfd unregistration process includes a step to remove the wr-protect bits from all relevant pgtable entries. However, this only...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/uffd: fixed the pte marker when using fork without a fork event. The patch series is named “mm: Fixes on pte markers”. Patch 1 addresses the issue reported by Pengfei in the syzkiller project. Patch 2 further improves the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: The srcfolio field was changed after ensuring it was not pinned in the UFFDIOMOVE operation. The commit d7a08838ab74 “mm: userfaultfd: fix unexpected changes to srcfolio when UFFDIOMOVE fails” changed the value of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/uffd: A warning is now prevented when PTE MARKERUFFDWP is not compiled in. When PTE MARKERUFFDWP is not configured, it’s still possible to access the pte marker code and trigger a warning. Add some CONFIGPTE MARKERUFFDWP ifdef...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: userfaultfd: Fixes the checks for huge PMDs. Patch series “userfaultfd: fix races around pmdtranshuge check”, v2. The pmdtranshuge code in mfillatomic is incorrect in three different ways, depending on the kernel version: 1. T...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: The page is released in the error path to avoid BUGON. Consider the following sequence of events: 1. The userspace sends a UFFD ioctl, which ultimately calls shmemmfillatomicpte. We successfully account the blocks, a...

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw after-free usage in the function scosocksendmsg of the Linux kernel’s HCI subsystem was discovered. This flaw allows a privileged local user to exploit it to crash the system or escalate their privileges on the system. This flaw triggers a race condition when the user calls ioct...

CVE-2026-31575

A flaw was found in the Linux kernel. A mismatch in the calculation of page indexes for huge pages within the mm/userfaultfd component can lead to race conditions between threads. These race conditions can corrupt the reservation map, potentially causing a system crash and resulting in a Denial o...

CVE-2026-31575

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfillatomichugetlb, linearpageindex is used to calculate the page index for hugetlbfaultmutexhash. However, linearpageindex returns the index in PAGESIZE units, while...

CVE-2026-31575

The CVE-2026-31575 issue affects the Linux kernel mm/userfaultfd code, where hugetlb fault mutex hashing used linear_page_index() (PAGE_SIZE units) instead of huge-page units, causing different mutexes to be used for addresses within the same huge page. The mismatch can allow races between faulti...

CVE-2026-31575 mm/userfaultfd: fix hugetlb fault mutex hash calculation

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfillatomichugetlb, linearpageindex is used to calculate the page index for hugetlbfaultmutexhash. However, linearpageindex returns the index in PAGESIZE units, while...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the hash calculation of the fault mutex lock in the mmuserfaultfd mechanism. This err...

PT-2026-34927

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the mfill atomic hugetlb function, the linear page index function is used to calculate the page index for hugetlb fault mutex hash. Because linear page index returns the index in PAGE...

UBUNTU-CVE-2026-31397

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...

CVE-2026-31397

CVE-2026-31397 relates to the Linux kernel memory management path mm/huge_memory move_pages_huge_pmd(), where the huge zero page branch used a NULL src_folio, causing a bogus PFN (or NULL dereference on some memory models) when constructing PMDs. The fix uses page_folio(src_page) to obtain a vali...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46838)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46838 advisory. - In the Linux kernel, the following vulnerability has been resolved: userfaultfd: don't BUGON if khugepaged...