Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iouring: Check whether iowq is killed before queuing it. Task work can be executed after the task has gone through iouring termination—whether it’s the final taskwork run or the fallback path. In this case, task work will find th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush the async PF workqueue when a vCPU is being destroyed. The async PF workqueue for each vCPU must always be flushed when a vCPU is clearing its completion queue, for example, when a VM and all its vCPUs are being...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed error handling in enainit The enainit function no longer destroys the workqueue created by createsinglethreadworkqueue when pciregisterdriver fails. Instead, call destroyworkqueue when pciregisterdriver fails to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the null-ptr-deref issue in ibcorecleanup. KASAN reported a null-ptr-deref error: KASAN: Null pointer dereferencing in the range 0x0000000000000118–0x000000000000011f. CPU: 1; PID: 379. Hardware name: QEMU Standa...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC – Fixed an oops error when removing custom query handlers When removing custom query handlers, the handler may still be used within the EC query workqueue. This could lead to a kernel oops if the module that holds the...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: The issue of null-ptr-deref in vkmsrelease has been fixed. Null-ptr-deref occurs when trying to destroy the workqueue in vkms-output.composerworkq during vkmsrelease. KASAN: Null-ptr-deref occurred in the range...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: A possible memory leak has been fixed in stmmacdvrprobe. The bitmapfree function should be called to release priv-afxdpzcqps when createsinglethreadworkqueue fails. Otherwise, a memory leak will occur. Therefore, we...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net.manap: Null servicewq on setup error to prevent double destruction. In the managdsetup error path, set gc-servicewq to NULL after destroyworkqueue, to match the cleanup in managdcleanup. This prevents a use-after-free if the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: It is now possible to use hdev-workqueue when scheduling hdev-cmd,ncmdtimer works. The syzbot is reporting an attempt to schedule the hdev-cmdwork task from systemwq to hdev-workqueue WQ, which is currently in a draini...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fixed a crash in the cmaneteventworkhandler workqueue. The struct rdmacmid contains a member “struct workstruct network”, which is reused to enqueue cmaneteventworkhandler onto cmawq. A crash can occur if more than one...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: kthread: Unpark only parks kthreads. Calling kthreadunpark unconditionally is mostly harmless when the kthread is already unparked. In that case, the wake-up call is simply ignored because the task is not in the TASKPARKED state...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fixed the issue in WARNING:atkernel/workqueue.c:checkflushdependency. In the commit aee2424246f9 “RDMA/iwcm: Fixed a use-after-free related to destroying CM IDs”, the function flushworkqueue is called to flush the iwcm...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: power:supply:max77705: Fixed the error handling in the probe function related to the workqueue. The createsinglethreadworkqueue function no longer returns error pointers; instead, it returns NULL. Additionally, the workqueue was...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: nbd: Fixed NULL pointer in flushworkqueue Open /dev/nbdX first; the configrefs will be 1, and the pointers in nbddevice remain null. Disconnect /dev/nbdX, then reference a NULL recvworkq. The protection provided by configrefs ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021614)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021614 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for allocorderedworkqueue As it may return NULL pointer and cause...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021564 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when t...

SUSE CVE-2026-43468

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

SUSE CVE-2026-43440

In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...

SUSE CVE-2026-43170

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

CVE-2026-43440

A flaw was found in the Linux kernel's net/mana network driver. An error in the managdsetup function's cleanup process could result in a use-after-free vulnerability. This occurs because the servicewq workqueue pointer is not correctly nulled after destruction during setup errors, which could all...