Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Ensure that the presence of the LSNLATYPEDGID attribute is correctly checked. The netlink response for RDMANLLSOPIPRESOLVE should always contain the LSNLATYPEDGID attribute; otherwise, it is invalid. Use the nl...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A issue was discovered in the Linux kernel before version 6.0.11. Missing offset validation in the drivers/net/wireless/microchip/wilc1000/hif.c file, within the WILC1000 wireless driver, can lead to an out-of-bounds read when parsing a Robust Security Network RSN information element from a Netli...

CVE-2026-31420

CVE-2026-31420 affects Linux kernel bridge MRP interval handling. Vulerability arises when br_mrp_start_test/br_mrp_start_in_test accept a user-supplied interval from netlink with no validation; if interval is 0, the delay becomes zero and a tight loop can exhaust memory, causing an OOM kernel pa...

CVE-2025-71096

An uninitialized memory read flaw was found in the Linux kernel's RDMA netlink subsystem. When processing IP resolution responses RDMANLLSOPIPRESOLVE, the code did not properly validate that the required LSNLATYPEDGID attribute was present. A malformed userspace netlink message missing this...

CVE-2025-71096

Summary (CVE-2025-71096) : The Linux kernel RDMA core netlink path handling RDMA_NL_LS_OP_IP_RESOLVE could return a DGID-less response, risking an uninitialized read on the stack. The fix ensures the LS_NLA_TYPE_DGID attribute is present, uses nla_parse_deprecated() to populate nlattrs, and then ...

CVE-2025-71096 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992698 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single...

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2023-3773)

A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414340 advisory. An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver...

CVE-2023-53543

Technical details for CVE-2023-53543 are not publicly provided in the supplied documents; monitor SUSE/kernel advisories for updates.

Linux Distros Unpatched Vulnerability : CVE-2025-37998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested...

Linux Distros Unpatched Vulnerability : CVE-2023-53000

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla...

kernel: net: wwan: fix global oob in wwan_rtnl_policy

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

SUSE CVE-2024-50128

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

AZL-52508 CVE-2024-50128 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

UBUNTU-CVE-2024-50128

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a global out-of-bounds read issue in the net module, wwanrtnlpolicy, due to an overly large maxtype assigne...

kernel security update

2.6.32-754.53.1.OL6 - net/sched: schqfq: refactor parsing of netlink parameters Orabug: 36517546 - net/sched: schqfq: account for stab overhead in qfqenqueue CVE-2023-3611 Orabug: 36517546 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 Orabug: 36517546 - ne...

SUSE CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnetpolicy The variable rmnetlinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

DEBIAN-CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnetpolicy The variable rmnetlinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...