EUVD-2026-39854

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...

CVE-2026-53027

A flaw was found in the Linux kernel's fs/ntfs3 component. When handling compressed or sparse attributes with frame-aligned clusters, a missing run load for vcn0 can occur if vcn0 resides in a different attribute segment. This oversight can lead to a kernel warning WARNON1 during a run lookup,...

RockyLinux 9 : kernel (RLSA-2026:27789)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27789 advisory. kernel: can: isotp: fix tx.buf use-after-free in isotpsendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in inetlookupestablished...

EUVD-2026-38820

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARNON in iommugroupsetdomainnofail due to reset In iommugroupsetdomaininternal, concurrent domain attachments are rejected when any device in the group is recovering. This is necessary to fence concurrent attachments ...

CVE-2026-52952

CVE-2026-52952 (Linux kernel IOMMU) : The vulnerability was fixed by addressing a WARN_ON in __iommu_group_set_domain_nofail() triggered by resets. In __iommu_group_set_domain_internal(), concurrent domain attachments are now rejected only when any device in the group is recovering to fence simul...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KEYS: prevented NULL pointer dereference in findasymmetrickey. In findasymmetrickey, if all NULL values are passed as arguments to id0,1,2, the kernel will first emit a WARN message, but then there will be an oops because id2 wil...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid using NULL after WARNONONCE. There is a WARNONONCE to catch an unlikely situation where domainremovedevpasid cannot find the pasid. If this still happens, we must avoid using a NULL pointer...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: The unnecessary user-triggable WARNONCE message in the verifier log was removed. It is trivial for a user to trigger the “verifier log line truncated” warning. The verifier has a fixed-size buffer of 1024 bytes currently...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bonding: Unnecessary warnings and logs from bondxdpgetxmitslave have been fixed. syzbot reported a warning in bondxdpgetxmitslave. To reproduce this issue1, one bonding device bond1 should have xdpdrv, which increases...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Timers: A race condition involving NULL function pointers was fixed in timershutdownsync. There is a race condition between timershutdownsync and timerexpiration, which can lead to a WARNON being triggered in expiretimers. The...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm: cleanup of ROC upon failure If the firmware fails to initiate session protection, we do not call iwlmvmrocfinished here, as this will have no effect, since IWLMVMSTATUSROCP2PRUNNING was never set. Set...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mISDN: A possible memory leak in mISDNregisterdevice has been fixed. After committing 1fa5ae857bb1 "driver core: get rid of struct device’s busid string array", the name of the device is allocated dynamically. The putdevice...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Do not use WARN when encode fails When asn1encodesequence fails, using WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Its location is known,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/mremap: Fixed the WARN message emitted by uffd when remap events are disabled. Registering userfaultd on a VMA that spans at least one PMD, and then using mremap to remap that VMA, may trigger a WARN message when recovering fr...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: Rejects the reuse of ALARM timer labels in revision 0 rules. In revision 0 rules, reusing timers by label always involves calling modtimer on the uninitialized timer-timer. If the label was created first i...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Closures: Change BUGON to WARNON If a BUGON function is actually executed, it shouldn’t be considered a real BUG. For reference, this issue has occurred once during the continuous integration process. We will need more informatio...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fsverity: Rejects FSIOCENABLEVERITY when mode 3 is used for file descriptors. Commit 56124d6c87fd “fsverity: Supports enabling with tree block size fmode & FMODEREAD condition in kernelread became reachable through fuzz tests. Th...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: The WARNONONCE message was removed when the maximum cgroup level was set. By default, the maximum depth of a cgroup is INTMAX. There’s a setting that allows restricting this maximum depth to a more reasonabl...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: staticcall: Replace the unnecessary WARNON call in staticcallmodulenotify. staticcallmodulenotify triggers a WARNON when memory allocation fails in staticcalladdmodule. This approach isn’t really justified, because the failure ca...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: hsr: Avoid possible NULL dereference in skbclone. syzbot encountered a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When createstrippedskbhsr returns NULL, we must not attempt to call skbclone. Additionall...