125 matches found
SUSE CVE-2026-46137
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137
A flaw was found in the Linux kernel, specifically within the Multipath TCP MPTCP implementation. The mptcppmaddtimer helper, which is executed as a timer callback, does not properly hold the socket lock when operating in a softirq context. This oversight can lead to a potential data race, which...
CVE-2026-46227
CVE-2026-46227 describes a race in the Linux kernel SCTP SENDALL path. The sctp_sendmsg() loop over ep->asocs caches the next entry in @tmp, then calls sctp_sendmsg_to_asoc() after dropping the socket lock, allowing a second thread to peel off the cached association and migrate it to a new end...
CVE-2026-46227 sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
EUVD-2026-32764
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137 mptcp: pm: ADD_ADDR rtx: fix potential data-race
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137
CVE-2026-46137 affects the Linux kernel MPTCP implementation. The mptcp_pm_add_timer() helper runs as a timer callback in softirq context and can race with socket state unless the socket lock is held with bh_lock_sock(). The mitigation is to hold the lock and retry if the socket is in use, mirror...
PT-2026-44260
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Multipath TCP MPTCP implementation. The mptcp pm add timer helper function, which operates as a timer callback in softirq context, fails to properly hold the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the SCTPSENDALL path, where sctpsendmsgtoasoc may release the socket lock, causing other threads ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: Fixed null-ptr-deref in socklockinitclassandname and rmmod. When I ran the reproduction steps and waited for a few seconds, I observed two LOCKDEP errors: a warning followed immediately by a null-ptr-deref. Reproduction Step...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: RFCOMM: Fixed a possible deadlock in rfcommskstatechange. rfcommskstatechange attempts to use socklock, so it should never be called with it locked. However, rfcommsockioctl always attempts to lock it, causing the...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was installed, or uses...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix locking in rxrpc's sendmsg Fix three bugs in the rxrpc's sendmsg implementation: 1 rxrpcnewclientcall should release the socket lock when returning an error from rxrpcgetcallslot. 2 rxrpcwaitfortxwindowintr will return...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: afbluetooth: Fix deadlock Attemting to do socklock on .recvmsg may cause a deadlock as shown bellow, so instead of using socksock this uses skreceivequeue.lock on btsockioctl to avoid the UAF: INFO: task kworker/u9:1:1...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: l2tp: All race conditions in l2tptunnelregister have been fixed. The code within l2tptunnelregister is problematic in several ways: 1. It modifies the tunnel socket after it is published. 2. It calls setupudptunnelsock on an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/rds: Fixed a circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune, where sknetrefcntupgrade is called while holding the socket lock:...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed the LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe...
CVE-2026-43023
CVE-2026-43023 affects the Linux kernel Bluetooth SCO path. A race condition in sco_sock_connect() allows two concurrent connect() attempts on the same socket to bypass locks, leading to use-after-free and potential socket/state corruption (BT_OPEN -> BT_CONNECT with zombie sk). The issue is d...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013841)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013841 advisory. In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011000)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011000 advisory. In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting...