Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: block: fixed a memory leak in blkdevissuezeropages. The check for the fatal signal was moved before the bioalloc function, to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio...

CVE-2026-31397

A flaw was found in the Linux kernel's memory management subsystem, specifically within the movepageshugepmd function. A local user could exploit a NULL pointer dereference when handling huge zero pages, which can lead to a system crash and a Denial of Service DoS. Furthermore, improper...

CVE-2026-31397

CVE-2026-31397 relates to the Linux kernel memory management path mm/huge_memory move_pages_huge_pmd(), where the huge zero page branch used a NULL src_folio, causing a bogus PFN (or NULL dereference on some memory models) when constructing PMDs. The fix uses page_folio(src_page) to obtain a vali...

CVE-2026-31397

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...

SUSE CVE-2025-68348

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

EUVD-2025-205106

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

UBUNTU-CVE-2025-68348

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

CVE-2025-68348

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

CVE-2025-68348 block: fix memory leak in __blkdev_issue_zero_pages

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

CVE-2025-68348

CVE-2025-68348 : In the Linux kernel block layer, a memory leak in __blkdev_issue_zero_pages was fixed by moving the fatal signal check before bio_alloc(). If a fatal signal was pending and BLKDEV_ZERO_KILLABLE was set, the code could allocate a bio and then exit the loop without freeing it. The ...

Linux Distros Unpatched Vulnerability : CVE-2025-68348

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal...

PT-2025-52884

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak existed in the blkdev issue zero pages function within the block subsystem of the Linux kernel. The issue occurred because the check for a fatal signal was performed after...

CVE-2022-48700

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2022-48700

...

SUSE CVE-2009-1192

The 1 agpgenericallocpage and 2 agpgenericallocpages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading...

UBUNTU-CVE-2022-39392

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...

PT-2022-34644 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68 Description: The issue concerns the vfio/type1 component, specifically the unpinning of zero pages. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2022-34611 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue concerns the vfio/type1 component, specifically the unpinning of zero pages. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

June 27, 2017—KB4022723 (OS Build 14393.1378)

June 27, 2017—KB4022723 OS Build 14393.1378 Improvements and Fixes This non-security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed an issue introduced by KB4022715where Internet Explorer and Microsoft Edg...

kernel security and bug fix update

2.6.9-89.0.3.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidanc...