Linux DCCP Binary Information Leak

Linux suffers from a small remote binary information leak in DCCP that requires a victim's machine to have established connections...

sctp: sysctl: udp_port: avoid using current->nsproxy

...

CVE-2025-20209

A vulnerability in the Internet Key Exchange version 2 IKEv2 function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An...

Linux Distros Unpatched Vulnerability : CVE-2012-2372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users...

UBUNTU-CVE-2025-21743

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...

SUSE CVE-2022-49420

In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...

SUSE CVE-2022-49601

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctltcpfwmarkaccept. While reading sysctltcpfwmarkaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2024-57974

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

AZL-68748 CVE-2024-57974 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

DEBIAN-CVE-2024-57974

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

CVE-2025-21743 usbnet: ipheth: fix possible overflow in DPE length check

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...

CVE-2024-57974

The CVE-2024-57974 entry describes a race in the Linux kernel UDP path: if a UDP socket changes its local address during a receive after connect(), a secondary hash/tuple hash update may not complete in time, causing lookups to fail and potentially returning ECONNREFUSED. The issue arises from th...

CVE-2024-57974 udp: Deal with race between UDP socket address change and rehash

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

CVE-2024-57974

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition between UDP socket address changes and rehashing...

DEBIAN-CVE-2022-49601

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctltcpfwmarkaccept. While reading sysctltcpfwmarkaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

DEBIAN-CVE-2022-49577

In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

DEBIAN-CVE-2022-49420

In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...

DEBIAN-CVE-2022-49344

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix a data-race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without other's lock held and check if its receive queue is full. Here we need to use unixrecvqfulllockless instead of unixrecvqfull, otherwi...

UBUNTU-CVE-2022-49344

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix a data-race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without other's lock held and check if its receive queue is full. Here we need to use unixrecvqfulllockless instead of unixrecvqfull, otherwi...