UBUNTU-CVE-2026-46272

In the Linux kernel, the following vulnerability has been resolved: c...

UBUNTU-CVE-2026-46249

In the Linux kernel, the following vulnerability has been resolved: o...

CVE-2026-46268

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Fix p2pmemallocmmap warning condition Commit b7e282378773 has already changed the initial page refcount of p2pdma page from one to zero, however, in p2pmemallocmmap it uses "VMWARNONONCEPAGE!pagerefcountpage" to asser...

CVE-2026-46261

In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcmfiuprobe platformgetresourcebyname can return NULL, which would cause a crash when passed the pointer to resourcesize. Move the fiu-memorysize assignment after the erro...

CVE-2026-46259

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

CVE-2026-46255

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove The clocks in fsledmaengine::muxclk are allocated and enabled with devmclkgetenabled, which automatically cleans these resources up, but these clocks are also manual...

CVE-2026-46253

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistentramsaveold persistentramsaveold can be called multiple times for the same persistentramzone e.g., via ramoopspstoreread - ramoopsgetnextprz for PSTORETYPEDMESG records. Currently, the...

CVE-2026-46249

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

CVE-2026-46244

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

CVE-2026-46242

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

CVE-2026-45834

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

CVE-2026-43502

In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached to the sending socket. The purge path currently infers zerocopy stat...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Julia Lawall reported this null pointer dereference issue, and this should fix it...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Soundwire: Cadence – fix invalid PDI offset For some reason, we added an offset to the PDI field. presumably to skip the PDI0 and PDI1, which are reserved for BPT. However, this code is completely incorrect and leads to...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: The migration DMA map direction needs to be corrected. The SVM DMA device map direction should be set the same as the DMA unmap setting. Otherwise, the DMA core will report the following warning. Before finalizing thi...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Commands from recovery entries are freed after a session is closed. This leads to a use-after-free error when freeing commands, or a NPE Non-Programmable Error. The call trace is as follows: Time2Retain time...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Added a length check to avoid buffer overflow. The buffer overflow occurs due to the use of snprintf to write data into the buffer “buf” in the targetlugpmembersshow function located in...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate ff offset This adds sanity checks for the FF offset. There is a check on rt-firstfree at the beginning, but there is no check when traversing by FF without any validation. If the second FF represents a large...

CVE-2025-14869

creationtimestamp| type| source ---|---|--- 2026-05-14 07:52:53+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-su-gitlab-ce/ee-14 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities20260515...

Advisory ROSA-SA-2026-3266

software: kernel-6.6 6.6.126 WASP: ROSA-CHROME unaffected versions = kernel-6.6-6.6.6.126-3 affected versions kernel-6.6-6.6.6.126-3 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in the xfrm subsystem ESP of the Linux kernel allows data decryption over non-packe...