Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A memory leak issue was discovered in the ctnetlinkcreateconntrack function within net/netfilter/nfconntracknetlink.c in the Linux kernel. This issue may allow a local attacker with CAPNETADMIN privileges to trigger a Denial-of-Service DoS attack due to a refcount overflow...

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel before version 5.8. The lib/nlattr.c file allows attackers to cause a denial of service unbounded recursion through a nested Netlink policy with a back reference...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ila: Do not generate empty messages in ilaxlatnlcmdgetmapping. ilaxlatnlcmdgetmapping generates an empty skb, triggering a recent sanity check. Instead, an error code should be returned so that it can be handled by the user...

Astra Linux - уязвимость в openvswitch

A flaw was discovered in Open vSwitch, where multiple versions are vulnerable to crafted Geneve packets, which may lead to a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A use-after-free vulnerability exists in the netfilter component of the Linux kernel’s nftables module, which can be exploited to achieve local privilege escalation. This vulnerability arises due to a race condition between the nftables netlink control plane transaction and the nftset element’s...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fixed a global out-of-bounds read in rmnetpolicy The variable rmnetlinkops assigns a larger value to maxtype, which leads to a global out-of-bounds read during the parsing of netlink attributes. See the bug...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: fixed the global out-of-bounds read in ksmbdnlpolicy. Similar to the reported issue see commit b33fb5b801c6 “net: qualcomm: rmnet: fixed global out-of-bounds in rmnetpolicy”, my local fuzzer discovered another global...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Access the device through ctx instead of peer. The previous commit fixed a bug that resulted in a NULL peer-device being dereferenced. In terms of performance, it is actually easier and faster to obtain the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Check for a dangling peer via isdead instead of an empty list If all peers are removed using wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list at the beginning of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: shaper: Protection is added for late read accesses to the hierarchy. We retrieve a netdev object during the preparation of Netlink operations pre-callbacks, and then we acquire a reference to it. Later, within the body of th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net-shapers: Do not free the reply skb after genlmsgreply. genlmsgreply passes the reply skb to netlink, and netlinkunicast consumes it on all return paths, regardless of whether the skb is successfully queued or freed due to an...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021586)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021586 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated...

kernel: xfrm: Duplicate SPI Handling

In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...

SUSE CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

EUVD-2026-30017

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

CVE-2026-43481

The CVE-2026-43481 issue affects the Linux kernel net-shapers component. The vulnerability arises because, on genlmsg_reply() failure, the reply skb could be freed twice (the code path freed or nlmsg_free(msg) after genlmsg_reply() and in all return paths). The root cause is that netlink_unicast(...

CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...