82 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003464)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003464 advisory. Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service double free or...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003180)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003180 advisory. Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service double free or...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001673)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001673 advisory. A NULL pointer dereference vulnerability was found in netlinkdump. This issue can occur when the Netlink socket receives the messagesendmsg for the XFRMMSGGETSA,...
CVE-2025-40357
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
SUSE CVE-2023-53853
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning locklessly. Use READONCE there. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart syzbot reported: BUG:...
EUVD-2023-60143
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning locklessly. Use READONCE there. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart syzbot reported: BUG:...
CVE-2023-53824
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk-maxrecvmsglen syzbot reported a data-race in data-race in netlinkrecvmsg 1 Indeed, netlinkrecvmsg can be run concurrently, and netlinkdump also needs protection. 1 BUG: KCSAN: data-race ...
CVE-2023-53853 netlink: annotate accesses to nlk->cb_running
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning locklessly. Use READONCE there. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart syzbot reported: BUG:...
CVE-2022-50656
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...
CVE-2022-50656 nfc: pn533: Clear nfc_target before being used
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...
CVE-2022-50656 nfc: pn533: Clear nfc_target before being used
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...
PT-2025-49636
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s NFC subsystem, specifically within the pn533 component. The issue involves a slab-out-of-bounds read occurring in the nla put function, which is calle...
Siemens SIMATIC S7-1500 Improper Handling of Exceptional Conditions (CVE-2024-53140)
In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...
Siemens SIMATIC Devices Loop with Unreachable Exit Condition (CVE-2024-35886)
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response was...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-35910: tcp: properly terminate timers for kernel sockets bsc1224489...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-35910: tcp: properly terminate timers for kernel sockets...
SUSE-SU-2025:20164-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. - CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...
kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump The Linux kernel CVE team has assigned CVE-2024-27017 to this issue. Upstream advisory:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: The walk over the current view in the netlink dump is performed. The generation mask can be updated while the netlink dump is in progress. The iterator for the pipapo set backend cannot rely on it to infe...