CVE-2025-68232

CVE-2025-68232 involves a race in the Linux kernel veth path that can stall TX queues on ARM64 (Ampere Altra Max). The root cause is an unsafe producer-side check using __ptr_ring_empty() to decide whether to wake the peer, which is not reliable when a consumer runs on another CPU. The fix swaps ...

PT-2025-51645

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition within the virtual ethernet veth module can lead to a permanently stalled transmit queue TXQ. This issue stemmed from a flawed implementation in commit dc82a33297fc, whi...

kernel: net: let net.core.dev_weight always be non-zero

In the Linux kernel, the following vulnerability has been resolved: net: let net.core.devweight always be non-zero The following problem was encountered during stability test: NULL netdevice: NAPI poll function processbacklog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------ cut her...

kernel: net: tun: unlink NAPI from device on destruction

In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990173)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990173 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napigetfrags kmemleak reports after running testprogs: unreference...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989998)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989998 advisory. In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netifnapidel When queues are started, netifnapiadd and napienable are called...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989189 advisory. In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989794 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989304 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2rx The skb is delivered to napigroreceive...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...

EUVD-2023-60052

Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting XSS vulnerability in the LDAP/AD authentication-server configuration. Unsanitized user input can be stored and later rendered in the administrative UI, causing JavaScript to execute in the browser of any user who views th...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-39502)

ionic: use after netifnapidel. When queues are started, netifnapiadd and napienable are called. If there are 4 queues and only 3 queues are used for the current configuration, only 3 queues' napi should be registered and enabled. The ionicqcqenable checks whether the .poll pointer is not NULL for...

EUVD-2022-54561

In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...

SUSE CVE-2025-39984

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

CVE-2025-39984

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

EUVD-2025-34588

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

CVE-2025-39984 net: tun: Update napi->skb after XDP process

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

CVE-2025-39984 net: tun: Update napi->skb after XDP process

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

PT-2025-42259

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a use-after-free issue identified through syzbot reporting. The issue occurs after commit e6d5dbdd20aa, which added multi-buff support for XDP running in gener...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to update napi-skb after XDP processing, which could lead to reuse after release...