Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: XArray: Fixed the issue with xascreaterange when a multi-index entry is present. If there is already an entry present that is of order = XACHUNKSHIFT when we call xascreaterange, xascreaterange will misinterpret that entry as a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed unsafe xarray access in implicit ODP handling xastore and xaerase were used without holding the proper lock, which led to a lockdep warning due to unsafe RCU usage. This patch replaces them with xastore and...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed potential context UAFs. The gemcontextregister function makes the context visible to user space, and a separate thread can trigger the I915GEMCONTEXTDESTROY ioctl command. Therefore, we need to ensure that...

mahoraga (>=0.1.0 <=0.6.0), pixi-browse (>=0.0.1 <=0.0.13) +8 more potentially affected by CVE-2026-47425 via py-rattler (>=0.22.0 <=0.23.2)

py-rattler PYPI version =0.22.0, =0.1.0, =0.0.1, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.1.3, =0.3.0 - xarray-minimum-dependency-policy =2.0.0 Source cves: CVE-2026-47425 Source advisory: OSV:GHSA-Q53Q-5R4J-5729...

SUSE CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

UBUNTU-CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

CVE-2026-46038

CVE-2026-46038 relates to the Linux kernel net: qrtr: ns path where a node’s memory is leaked after processing BYE, because the node is not freed in ctrl_cmd_bye() failure or success. The fix removes the node from the Xarray and frees memory in both outcomes. Reported CVSS 3.1/3.1_VECTORS via NVD...

CVE-2026-46038 net: qrtr: ns: Free the node during ctrl_cmd_bye()

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

EUVD-2026-32419

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

PT-2026-43905

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A memory leak occurs in the QualComm Rapid Transport QRTR nameserver. When a node sends a BYE packet indicating it is going...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfs: Fixed missing xasretry calls during xarray iteration. netfslib has several places where it performs iteration of an xarray while being under the RCU read lock. It should call xasretry as the first step inside the loop,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the xarray locking mechanism in nfsnetfsissueread for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts during the iteration of pages in the xarray to perform NFS reads. This...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Added missing lock protection when polling. Added missing lock protection in the poll routine when iterating the xarray. Otherwise, even with the RCU read lock held, only the slot of the radix tree is guaranteed to be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed a race condition when gathering fdinfo group samples The commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups using an xarray lock, which could lead to use-after-free...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/shmem: Disabling the PMD-sized page cache if needed For shmem files, it’s possible that the PMD-sized page cache cannot be supported by xarray. For example, a 512MB page cache on ARM64 when the base page size is 64KB cannot...

SUSE CVE-2026-43041

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtrtxflow radixtree with xarray to fix memory leak radixtreecreate allocates and links intermediate nodes into the tree one by one. If a subsequent allocation fails, the already-linked nodes remain in the tree...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Added channlock to protect the ksmbdchannlist xarray. The ksmbdchannlist xarray lacks synchronization, allowing use-after-free situations in multi-channel sessions between lookupchannlist and ksmbdchanndel. Added a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: Fixed the memory leak associated with xarray nodes. If the xassplitalloc function fails to allocate the necessary nodes to complete the splitting of the xarray entries, it sets the xastate to -ENOMEM. This is then...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed the issue where xasretry was missing in the fscache mode. The xarray iteration only holds the RCU read lock; therefore, an XARETRYENTRY may be encountered if a process modifies the xarray concurrently. This would lea...