CVE-2026-46053

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS network protocol. When handling memory registration MR cleanup, specifically during the process of copying generated cookies back to user space, an error in the cleanup path could lead to resources being freed multiple times. Th...

UBUNTU-CVE-2026-46053

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...

CVE-2026-46053

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...

CVE-2026-46053

CVE-2026-46053 affects the Linux kernel RDS memory-registration cleanup. In net/rds, __rds_rdma_map() transfers ownership of sg/pages after get_mr(); if copying the cookie back to user space fails, resources could be freed more than once. The fix removes a duplicate unpin/free in the put_user() f...

CVE-2026-43494

In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails When iovitergetpages2 fails in rdsmessagezcopyfromuser, the pinned pages are released with putpage, and rm-data.opmmpznotifier is cleared. But we fail to properly clear...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject unhashed sockets in bpfskassign The semantics of bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. Therefore, the function must ensure th...

CVE-2026-43230

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS network protocol. When the reconnect worker is canceled before it has been scheduled, the 'reconnect-pending' bit is not properly cleared. This can lead to a state where the system indefinitely believes a reconnect is pending,...

CVE-2026-43226

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS component. Due to an incorrect state transition, an RDS connection can bypass its expected shutdown process. This can lead to the connection becoming permanently stuck in a shutdown-queued state, potentially causing a denial of...

CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

CVE-2026-43230

In the Linux kernel, the following vulnerability has been resolved: net/rds: Clear reconnect pending bit When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not yet been scheduled before it is canceled, the reconnect-pending bit...

CVE-2026-43230

In the Linux kernel, the following vulnerability has been resolved: net/rds: Clear reconnect pending bit When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not yet been scheduled before it is canceled, the reconnect-pending bit...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bypassing the RDSCONNERROR state during the handling of RDS connection status. This may lead to abnorma...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006691)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006691 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk =...

SUSE CVE-2026-23419

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

CVE-2026-23331

The CVE-2026-23331 issue concerns the Linux kernel UDP 4-tuple hash table: when an auto-bound UDP socket is bound, connected, and then disconnected, the socket may be moved to a new hash slot without removing the old entry, leaving garbage in the 4-tuple chain. The fix is to remove such a socket ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005024)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005024 advisory. In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000839)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000839 advisory. The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000581)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000581 advisory. The rdsincinfocopy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obta...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002147)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002147 advisory. The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003481)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003481 advisory. The rdsincinfocopy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obta...