EUVD-2026-27624

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...

CVE-2026-43167

CVE-2026-43167 relates to the Linux kernel xfrm subsystem where a reference-count leak in xfrm_state occurs when a network device is unregistered. The issue stems from an IPsec hardware-offload API change (commit d77e38e612a0) that made xfrm_dev_unregister() a no-op, even though xfrm_dev_state_ad...

CVE-2026-43107

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...

CVE-2026-43107

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...

CVE-2026-43085 netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminator with sizeofstruct nfgenmsg payload via nlmsgput, but never...

CVE-2026-43085

CVE-2026-43085: In the Linux kernel, nfnetlink_log did not initialize the nfgenmsg payload when emitting NLMSG_DONE terminators while batching multiple NFLOG messages, leaking four bytes of stale heap data to userspace. The issue is fixed by using nfnl_msg_put() to build the NLMSG_DONE terminator...

CVE-2026-43085

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminator with sizeofstruct nfgenmsg payload via nlmsgput, but never...

SUSE CVE-2026-31744

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found devenergymodelnlgetperfdomainsdoit calls emperfdomaingetbyid but does not check the return value before passing it to emnlgetpdsize. When a caller supplies a...

SUSE CVE-2026-43035

In the Linux kernel, the following vulnerability has been resolved: net: sched: clsapi: fix tcchainfillnode to initialize tcminfo to zero to prevent an info-leak When building netlink messages, tcchainfillnode never initializes the tcminfo field of struct tcmsg. Since the allocation is not zeroed...

PT-2026-37395

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter nfnetlink log component allows the leakage of four bytes of stale kernel heap data to userspace. This occurs when batching multiple NFLOG messages, where the nful...

PT-2026-37417

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the xfrm component where the xfrm get ae function allocates a reply socket buffer skb using xfrm aevent msgsize, but the build aevent function may append additional...

Linux Distros Unpatched Vulnerability : CVE-2026-43107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context CVE-2026-23102 In the Linu...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: shaper: Protection against late creation of hierarchies. We retrieve the netdev during the preparation of Netlink operations before callbacks. We then take a reference to it. Later, within the body of the callback, we acquir...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: core: A NULL dereference was prevented in generichwtstampioctllower. The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampge...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF Use-After-Free issue in bindersnetlinkreport. Transactions sent to frozen targets via bindersproctransaction return an BRTRANSACTIONPENDINGFROZEN error, but they are still treated as successful. This is becaus...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Executing the ndosetrxmode callback within a work queue Commit 1767bb2d47b7 “ipv6: mcast: Do not hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP” removed the RTNL lock for these operations. However, this change...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - net: genl: fixed a memory leak in the error path during policy dumping. - If the construction of the policy array fails when recording non-first policies, we need to unwind the process. - The netlinkpolicydumpaddpolicy...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xsk: Fixed an use-after-free error during socket cleanup. A use-after-free error could occur if the xskdiag interface is used after the socket has been unbound from the device. This can happen either due to the socket being...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Team: Replace the team lock with rtnl lock. Syszbot reports various ordering issues related to lower instance locks and team locks. It is recommended to use rtnl locks for protecting team devices, similar to bonding. This chan...