94 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53033
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the pe...
EUVD-2026-38903
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix iter deadlock bpfiterunixseqshow may deadlock when locksockfast takes the fast path and the iter prog attempts to update a sockmap. Which ends up spinning at sockmapupdateelem's bhlocksock: WARNING:...
CVE-2026-53033
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...
CVE-2026-53033 bpf, sockmap: Take state lock for af_unix iter
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...
CVE-2026-53033
CVE-2026-53033 affects the Linux kernel’s BPF sockmap path, causing a race in unix_stream_bpf_update_proto() that can yield a Use-After-Free when a BPF iterator updates a sockmap during a TCP state transition. The issue is resolved by taking the state lock for AF_UNIX iterations to keep the unix ...
kernel: Linux kernel: Use-after-free in BPF sockmap can lead to denial of service and privilege escalation
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter sockmap subsystem. A race condition exists where the sksocket is not properly locked or referenced during the skbsendsock function call, allowing for a use-after-free vulnerability. This can be exploited by a local attacker, leadin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, there is a fix for a use-after-free of sk-sksocket in skpsockverdictdataready. The syzbot reported a use-after-free of the sk-sksocket of an AFUNIX socket in skpsockverdictdataready. 0 In the unixstreamsendmsg...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed issues where data was not being charged when msg-sg.size contained more data. In tcpbpfsendverdict: If msg-sg.size contains more data after tcpbpfsendmsgredir: c tcpbpfsendverdict tosend = msg-sg.size...
SUSE CVE-2026-43016
In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...
CVE-2026-43016
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter sockmap component. This vulnerability, a use-after-free, occurs due to improper management of AFUNIX socket objects within the skpsockverdictdataready function. A local attacker could exploit this issue by sending specially crafted...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an unused RCU protection of accesses to sk-sksocket by the skpsockverdictdataready function in the bpf...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013835)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013835 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013206)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013206 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix double uncharge the mem of skmsg If tcpbpfsendmsg is running during a tear down...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011194)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011194 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirectio...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013356)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013356 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more dat...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013236)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013236 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011212)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011212 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006964)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006964 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirectio...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013232)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013232 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirectio...
kernel: Linux kernel: Use-after-free in BPF sockmap can lead to denial of service and privilege escalation
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter sockmap subsystem. A race condition exists where the sksocket is not properly locked or referenced during the skbsendsock function call, allowing for a use-after-free vulnerability. This can be exploited by a local attacker, leadin...