Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001773)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001773 advisory. A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001583 advisory. Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion...

CVE-2025-68787

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix memory leak in nrsendmsg syzbot reported a memory leak 1. When function sockallocsendskb return NULL in nroutput, the original skb is not freed, which was allocated in nrsendmsg. Fix this by freeing it before return. ...

CVE-2025-68776

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

CVE-2025-71098 ip6_gre: make ip6gre_header() robust

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

CVE-2025-68813 ipvs: fix ipv4 null-ptr-deref in route error path

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...

CVE-2025-68776

CVE-2025-68776 affects the Linux kernel path in net/hsr where prp_get_untagged_frame() uses __pskb_copy() to build frame->skb_std. If __pskb_copy() returns NULL (allocation failure), skb_clone() is called on NULL, causing a crash (general protection fault) as described in the CVE description. ...

CVE-2025-68776 net/hsr: fix NULL pointer dereference in prp_get_untagged_frame()

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to free the original skb when nroutput returns NULL in the nrsendmsg function, which could lead ...

PT-2026-2545

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.114 Description The Linux kernel contains a flaw within the IPv4 code path in the ip vs get out rt function. This function can call dst link failure without verifying that skb-dev is set, leading to a NULL...

SUSE-SU-2026:0090-1 Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.97 fixes various security issues The following security issues were fixed: - CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading bsc1251984. - CVE-2025-38257: s390/pkey: prevent overflow in size calculation...

kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails

A vulnerability was found in tlsdecryptsg in net/tls/tlssw.c in networking subsystem in the Linux Kernel.In this flaw, If it fails to clone of the input skb to hold the reference to the memory it uses may lead a use-after-free...

CVE-2025-68765

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615mcuwtblstaadd In mt7615mcuwtblstaadd, an skb sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing sskb, leading to a...

CVE-2025-68765

The CVE-2025-68765 issue is in the Linux kernel’s mt7615 driver: in mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated and, if mt76_connac_mcu_alloc_wtbl_req() fails, it is not freed, causing a memory leak. The published fix ensures sskb is freed via dev_kfree_skb() in the error path. Affected c...

CVE-2025-68765

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615mcuwtblstaadd In mt7615mcuwtblstaadd, an skb sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing sskb, leading to a...

CVE-2025-68765 mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615mcuwtblstaadd In mt7615mcuwtblstaadd, an skb sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing sskb, leading to a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mt7615 driver's mt7615mcuwtblstaadd function failing to free the skb when allocation fails, which could...

PT-2026-8145

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a memory leak in the NFC LLCP Logical Link Control Protocol implementation, specifically within the nfc llcp send ui frame function. The issue stemmed from a...

PT-2026-3763

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.62 Description The Linux kernel contained a flaw within the networking subsystem related to usercopy handling. Specifically, the skbuff fclone cache was initialized without defining a usercopy region, unlike...

PT-2026-6153

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the fou module. Specifically, the FOU ATTR IPPROTO attribute should not be set to 0. When FOU ATTR IPPROTO is 0, the skb socket buffer is not...