Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net:cpswnew: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 “ipv6: mcast: Don’t hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP” removed the RTNL lock for these operations. However, this change triggered the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ip6mr: Fixed the UAF issue in ip6mrskDone, where a invalid pointer access occurred when addrconfinitnet failed. If the initialization of devconfall fails during the call to addrconfinitnet, the pointer devconfall has been...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: The delay in putting pmc-idev into mlddeldelrec has been fixed. pmc-idev is still used in ip6mcclearsrc, just like in mldcleardelrec. Therefore, the reference to pmc-idev should be placed after the return of...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mldnewpack mldnewpack can be called without RTNL or RCU being held. Note that we no longer can use sockallocsendskb because ipv6.igmpsk uses GFPKERNEL allocations which can sleep. Instead use...

K000160221: Linux kernel vulnerability CVE-2025-38550

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc-idev in mlddeldelrec pmc-idev is still used in ip6mcclearsrc, so as mldcleardelrec does, the reference should be put after ip6mcclearsrc return. CVE-2025-38550 Impact There...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005512)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005512 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6mcdown at most once There are two reasons for addrconfnotify to be...

OpenClaw has a IPv6 multicast SSRF classifier bypass

Summary OpenClaw's SSRF IP classifier did not treat IPv6 multicast literals ff00::/8 as blocked/private-internal. This allowed literal multicast hosts to pass SSRF preflight checks. Impact A bypass in address classification existed for IPv6 multicast literals. OpenClaw's network fetch/navigation...

Server-side Request Forgery (SSRF)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the SSRF IP classification. An attacker can access unintended network resources by supplying IPv6 multicast addresses that bypass address classificati...

SUSE CVE-2026-23175

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

UBUNTU-CVE-2026-23203

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

CVE-2026-23175 net: cpsw: Execute ndo_set_rx_mode callback in a work queue

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

PT-2026-8211

In the Linux kernel, the following vulnerability has been resolved: net: cpsw new: Execute ndo set rx mode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6 ADD MEMBERSHIP and MCAST JOIN GROUP." removed the RTNL lock for IPV6 ADD MEMBERSHIP and MCAST JOIN GROUP...

Linux Distros Unpatched Vulnerability : CVE-2026-23175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP. removed the...

CLSA-2026-1768669128 kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003128)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003128 advisory. An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land an...

UBUNTU-CVE-2025-71098

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

MiracleLinux 9 : kernel-5.14.0-570.44.1.el9_6 (AXSA:2025-10900:71)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10900:71 advisory. kernel: ipv6: mcast: Delay put pmc-idev in mlddeldelrec CVE-2025-38550 Tenable has extracted the preceding description block directly from the MiracleLinux...

RHEL 8 : kernel (RHSA-2025:23463)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23463 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ethtool: check device is...