Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fixed the use-after-free issue in ovsctctexit. Since “kfreercu”, which is called during the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is validated by...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: Fixed a leak of nested actions. When parsing user-provided actions, the openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. This memory must be freed whe...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: gso: The ownership in udpgsosegment was corrected. In udpgsosegment, the skb destructor is removed before the skb is segmented, but the reference to the socket remains intact. This issue arises if the original skb becomes...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: removed the never-working support for setting nsh fields The validation of the setnsh... action is completely incorrect. It uses the nshkeyputfromnlattr function, which is the same function used to validate N...

SUSE-SU-2026:1871-1 Security update for openvswitch

This update for openvswitch fixes the following issue: - CVE-2026-34956: Invalid memory access in conntrack FTP alg bsc1261273...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output CVE-2023-53188 In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ipvsaddservice CVE-2024-42322 In the Linux kernel, the...

SUSE CVE-2026-39402

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

RHCOS 4 : OpenShift Container Platform 4.9.0 (RHSA-2021:3758)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3758 advisory. - coreos-installer: restrict access permissions on /boot/ignition,/config.ign CVE-2021-3917 - jetty: requests to the ConcatServlet a...

CVE-2026-39402

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

CVE-2026-39402 lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

EUVD-2026-27497

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

PT-2026-36995

Name of the Vulnerable Software and Affected Versions lxc versions prior to 7.0.0 Description A logic flaw in the find line function of the lxc-user-nic setuid helper allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When scanning the NIC database to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

Astra Linux - уязвимость в openvswitch

A flaw was discovered in OpenVSwitch OVS. When processing an IP packet with protocol 0, OVS will install a datapath flow without modifying the IP header. This issue results in the installation of a datapath flow that matches all IP protocols with “nwproto” set to wildcard, but with an incorrect...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: openvswitch: The issue of locking up the core during the process of unregistering a netdev due to the carrier status was fixed. The commit in the fixes tag attempted to address this issue through the following sequence of calls:...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested, which ensures that only well-formed attributes are processed...

Astra Linux - уязвимость в openvswitch

An integer underflow occurred in the Organization Specific TLV in various versions of OpenvSwitch...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set action It is not safe to access nlalenovskey if the data is smaller than the netlink header. Make sure the attribute is valid first...