Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validating the command header size against SVGACMDMAXDATASIZE This data originates from user space and is used in buffer offset calculations, which may potentially lead to an out-of-bounds access due to overflow...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fixed a possible incorrect match in nfosffind. nfosffind incorrectly returns true in case of a mismatch, which leads to copying uninitialized memory areas in nftosf. This can result in leaking stale kerne...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Anonymous sets are never used with a timeout flag from the user space; this behavior should be rejected. An exception to this rule is when using NFTSETEVAL, to ensure that legacy metering mechanisms continue ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace handle the interrupt mask. The logic for setting the interrupt mask by default in uiohvgeneric driver has been removed. The interrupt mask value should be completely controlled by the user space. If th...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do not recheck L1 intercepts when completing userspace I/O When completing emulation of instructions that generate a userspace exit for I/O, do not recheck L1 intercepts since KVM has already completed that phase of...

crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed

...

crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed

...

crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed

...

SUSE CVE-2026-31697

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if the firmware command failed. If the failure was due to an invalid...

SUSE CVE-2026-31698

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the firmware command failed. If the failure was due to an invalid length...

Linux Distros Unpatched Vulnerability : CVE-2026-31697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if t...

Linux Distros Unpatched Vulnerability : CVE-2026-31774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/net: fix slab-out-of-bounds read in iobundlenbufs sqe-len is u32 but gets stored into sr-len which is int. When userspace passes sqe-len values exceedin...

Linux Distros Unpatched Vulnerability : CVE-2026-31699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmwa...

CVE-2026-43024

A flaw was found in the Linux kernel's netfilter nftables component. This vulnerability arises from the system allowing immediate NFQUEUE verdicts, which are not intended for use by userspace nft tools. This could lead to unexpected behavior or a bypass of intended network filtering rules,...

CVE-2026-31698

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the firmware command failed. If the failure was due to an invalid length...

CVE-2026-43024 netfilter: nf_tables: reject immediate NF_QUEUE verdict

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

CVE-2026-31699 crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

EUVD-2026-26508

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

CVE-2026-31699

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

EUVD-2026-26506

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if the firmware command failed. If the failure was due to an invalid...