CVE-2026-53240

A flaw was found in the Linux kernel's xfrm: iptfs component. A race condition during partial packet reassembly in the inputprocesspayload function can lead to a use-after-free vulnerability. This occurs when a concurrent process frees a packet buffer skb before it is checked, allowing subsequent...

UBUNTU-CVE-2023-54273

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

CVE-2024-50110 xfrm: fix one more kernel-infoleak in algo dumping

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copytoiter+0x598/0x2a30 copytoiter+0x598/0x2a30 skbdatagramiter+0x168/0x1060...

Linux Kernel XFRM Privilege Escalation

Vulnerability Summary The following advisory describes a Use-after-free vulnerability found in Linux kernel that can lead to privilege escalation. The vulnerability found in Netlink socket subsystem – XFRM. Netlink is used to transfer information between the kernel and user-space processes. It...