503 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtk-jpeg driver failing to cancel the work queue during the release process, potentially...
PT-2026-43723
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqe size before using it in ib uverbs post send ib uverbs post send uses cmd.wqe size from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ib uverbs sen...
CVE-2026-45856
RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Returns a CQE error if an invalid lkey is provided. In RXE, there is a lack of update of the WQE status in cases of LOCALwrite failures. This caused the following kernel panic if someone performed an atomic operation...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: HID: corsair-void: Update power supply values using a unified work handler. The function corsairvoidprocessreceiver can be called from an interrupt context. Locking the batterymutex in this function caused a kernel panic. This...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: A memory leak was fixed when flushing the reset work queue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Deferred sub-object cleanup in export put callbacks The svcexportput function calls pathput and authdomainput immediately when the last reference is dropped, before the RCU grace period. RCU readers in eshow and cshow...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: writeback: Fixed the use of “free” after processing in inodeswitchwbsworkfn. The function inodeswitchwbsworkfn has a loop like this: c wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !list break;...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context, leading to errors when processing asynchronous...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing the timer. While reviewing a crash report regarding a corrupted timer list, which typically occurs when a timer is freed while still active, this issue is commonly triggered by...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: The IOWQBITEXIT check is performed within the work run loop. Currently, this check is performed before executing the pending tasks. Normally, this works fine, as the tasks either block temporarily and then a new...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1909-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1909-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: -...
SUSE-SU-2026:21689-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate...
SUSE CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-1681
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-43468
A flaw was found in the net/mlx5 component of the Linux kernel. This vulnerability involves a deadlock condition that can occur when the eswitchmodeset function attempts to acquire a devlink lock while the esw-workqueue is executing and also trying to acquire the same lock. This concurrent lock...
CVE-2026-43382
A flaw was found in the batman-adv module of the Linux kernel. This vulnerability occurs when the batadvvelpgetthroughput function attempts to acquire a network lock RTNL lock that is already held, particularly during the cancellation of a work queue item. This can lead to a deadlock, causing a...
CVE-2026-43468
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...