Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mptcp: A stricter state check has been added in mptcpworker. According to Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: c connect // Incoming reset + fastclose // The mpt...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Set skstate back to CLOSED if autobind fails in sctplistenstart. In sctplistenstart called by sctpinetlisten, it should set skstate back to CLOSED if sctpautobind fails for any reason. Otherwise, the next time...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fixed an out-of-bounds error during the parsing of TCP options. The TCP option parser in mptcp mptcpgetoptions could read one byte out of bounds. When the length of the option is 1, the execution flow enters a loop, reads...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers under the following conditions: 0 The kernel is built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is...

Astra Linux - уязвимость в linux-5.15

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: SCTP: Fixed a memory leak in sctpstreamoutqmigrate. When sctpstreamoutqmigrate is called to release resources related to streamouts, the memory pointed to by priohead in the streamout context is not released properly. The details...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp-sndcwnd We had various bugs over the years with code breaking the assumption that tp-sndcwnd is greater than zero. Lately, syzbot reported the WARNONONCE!tp-priorcwnd added in commit 8b8a321ff72c...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Slip: Make slhcremember more robust against malicious packets. syzbot found that slhcremember lacked checks against malicious packets 1. slhcremember only checks that the packet’s size is at least 20 bytes, which is...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Initialization of additional fields in sctpv6fromsk was incorrect, leading to undefined behavior. SYZbot discovered that sin6scopeid was not properly initialized, causing undefined behavior. sin6scopeid and sin6flowinfo...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In tcpconnrequest, do not call reqskfastopenremove. The syzbot reported the following issue in tcpconnrequest: 0 If a listener is closed while a TFO socket is being processed in tcpconnrequest, inetcskreqskqueueadd does not set...

Astra Linux – Vulnerability in connman

A issue was discovered in the DNS proxy of Connman through version 1.40. The implementation of the TCP server’s reply mechanism lacks a check to ensure that there is sufficient Header Data, resulting in an out-of-bounds read...

[SECURITY] Fedora 42 Update: openvpn-2.6.20-1.fc42

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

CVE-2026-43036

In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...

Wireshark 2.2.x < 2.2.1 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.1 advisory. - In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture...

[SECURITY] Fedora 42 Update: miniupnpd-2.3.10-1.fc42

The MiniUPnP daemon is an UPnP IGD & PCP/NAT-PMP daemon for gateway routers. UPnP IGD & PCP/NAT-PMP are used to improve internet connectivity for devices behind a NAT router. Any peer to peer network application such as games, IM, etc. can benefit from a NAT router supporting UPnP IGD & PCP/NAT-P...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities stem from incorrect packet validation, which leads to infinite recursion when parsing SCTP block parameters. This can result in stack overflows and crashes...

ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

nfc: llcp: add missing return after LLCP_CLOSED checks

...

[SECURITY] Fedora 44 Update: coturn-4.10.0-1.fc44

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

CVE-2026-31629

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...