491 matches found
EUVD-2026-38945
In the Linux kernel, the following vulnerability has been resolved: net/rds: Restrict use of RDS/IB to the initial network namespace Prevent using RDS/IB in network namespaces other than the initial one. The existing RDS/IB code will not work properly in non-initial network namespaces...
EUVD-2026-38943
In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...
CVE-2026-53075
In the Linux kernel, CVE-2026-53075 affects PPP handling of unattached administrative ioctls. The flaw permits a local unprivileged user who creates a new user namespace (CLONE_NEWUSER) to obtain CAP_NET_ADMIN in that namespace and still invoke PPPIOCNEWUNIT, PPPIOCATTACH, or PPPIOCATTCHAN agains...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In net:tIPC, there is a fix for the refcount warning in tipcaeadencrypt. The syzbot report identified a refcount warning 1 caused by calling getnet on a network namespace that is being destroyed refcount=0. This occurs when a TIP...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: devlink: fixed the netns refcount leak in devlinknlcmdreload. While preparing my patch series that includes netns refcount tracking, I discovered bugs in devlinknlcmdreload. Some error paths failed to release the refcount...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mr: Consolidate the ipmrcanfreetable checks. Guoyu Yin reported a crash in the ipmr netns cleanup path: WARNING: CPU: 2 PID: 14564 at net/ipv4/ipmr.c:440 ipmrfreetable net/ipv4/ipmr.c:440 inline WARNING: CPU: 2 PID: 14564 at...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fixed a suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash table is protected by the RTNL mutex, and iptunnelfind is only called from the control path where the mutex is acquired. Added a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: Reduced Rtnl pressure in smcpnetcreatepnetidslist. Many syzbot reports indicate extreme Rtnl pressure, and many of them suggest that smc acquires Rtnl during the creation of netnames without any valid reason 1. This patc...
kernel: geneve: Fix use-after-free in geneve_find_dev().
A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...
kernel: geneve: Fix use-after-free in geneve_find_dev().
A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...
Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7408-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7408-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7408-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7408-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
kernel: geneve: Fix use-after-free in geneve_find_dev().
A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...
kernel: geneve: Fix use-after-free in geneve_find_dev().
A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...
SUSE CVE-2026-46120
In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...
CVE-2026-46120
In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...
CVE-2026-46120 ip6_gre: Use cached t->net in ip6erspan_changelink().
In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...
net: qrtr: ns: Limit the total number of nodes
...
net: qrtr: ns: Limit the maximum number of lookups
...
net: qrtr: ns: Fix use-after-free in driver remove()
...