498 matches found
CVE-2026-53274
A flaw was found in the Linux kernel's net/smc component. A local unprivileged user can exploit a logic flaw, specifically a 'sleep-inside-lock' issue within the smcsetsockopt function. By providing a specially crafted memory page, an attacker can cause the system to halt execution, leading to a...
CVE-2026-53274
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed a issue where user input was not validated using setsockopt. The length of user input was checked before data was copied...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ax25: rcu protect dev-ax25ptr syzbot identified a lockdep issue 1. We should remove the ax25 RTNL dependency in ax25setsockopt. This should also fix various potential UAF issues in ax25. 1 WARNING: A circular locking dependenc...
Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisock: Fixed an issue where user input was not validated. The length of user input was checked before copying data...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nfc: llcp: fixed unsafe copies in nfcllcpsetsockopt syzbot reported unsafe calls to copyfromsockptr 1 Use copysafefromsockptr instead. 1 BUG: KASAN: out-of-bounds access in copyfromsockptroffset include/linux/sockptr.h:49 inli...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: removal of support for TCPULP setsockopt TCPULP setsockopt cannot be used for mptcp because it is already used internally to access subflow tcp sockets at the mptcp level. The syzbot was able to cause a crash in mptcp...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability, classified as problematic, was discovered in the Linux kernel. This vulnerability affects the tcpgetsockopt/tcpsetsockopt functions of the TCP Handler component. Manipulation of these functions can lead to a race condition. It is recommended that a patch be applied to address thi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: SCO: Fixed issue where user input is not validated before calling setockopt. The syzbot reported that scosocksetsockopt copies data without checking the length of the user input. BUG: KASAN: Out-of-bounds access in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xsk: Validated user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Ensure that the @optlen parameter of setsockopt is validated. 1 BUG: KASAN: Out-of-bounds access in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bonding: Fix for missing rcu protection. When removing the rcureadlock from bondethtoolgettsinfo, I didn’t realize that it could also be called via setsockopt, which does not hold a rcu lock. As pointed out by syzbot: Stack trace...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fixed a UAF in j1939skmatchfilter during setsockoptSOJ1939FILTER. Locked jsk-sk to prevent UAF when setsockopt..., SOJ1939FILTER, ... modifies jsk-filters while receiving packets. The following issue was observed on t...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed an issue where user input was not validated. The length of user input was checked before data was copied...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: Validates user input to ensure it is of the expected length. I received multiple syzbot reports indicating that old bugs were exposed due to BPF after the commit 20f2505fb436 “bpf: Try to avoid kzalloc in...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013483)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013483 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smcsetsockopt and...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010734)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010734 advisory. A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010753)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010753 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smcsetsockopt and...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010749)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010749 advisory. In the Linux kernel 5.11 through 5.12.2, isotpsetsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. This does not affect...
CLSA-2026-1773047921 kernel: Fix of 70 CVEs
wifi: iwlwifi: mvm: guard against invalid STA ID on removal CVE-2024-36921 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - net/sched: actmirred: don't override retval if we already lost the skb CVE-2024-26739 - drivers: base: Free devm resources when unregistering a device...
Important: kernel
Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...