PT-2026-3763

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.62 Description The Linux kernel contained a flaw within the networking subsystem related to usercopy handling. Specifically, the skbuff fclone cache was initialized without defining a usercopy region, unlike...

PT-2026-6153

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the fou module. Specifically, the FOU ATTR IPPROTO attribute should not be set to 0. When FOU ATTR IPPROTO is 0, the skb socket buffer is not...

PT-2026-27704

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The nci transceive function in the Linux kernel does not free memory allocated to skb socket buffer in certain error scenarios, specifically when encountering -EPROTO, -EINVAL, or -EBUSY...

PT-2026-27643

Name of the Vulnerable Software and Affected Versions Kea versions 2.6.0 through 2.6.4 Kea versions 3.0.0 through 3.0.2 Description A specially crafted message sent to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons via an API socket or HA listener can lead to a stack overflow...

PT-2026-4479

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Linux kernel's networking subsystem within the skb segment list function when handling packets aggregated by the GRO Generic Receive Offload engine. Prior to ...

PT-2026-27737

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the NFC rawsock functionality of the Linux kernel. Specifically, the rawsock release function does not properly cancel pending tx work and purge the write queue before...

CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

SUSE CVE-2022-50829

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...

SUSE CVE-2022-50838

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

SUSE CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

SUSE CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

SUSE CVE-2023-54238

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993034)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993034 advisory. In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix a potential socket leak in p9socketopen Both p9fdcreatetcp and p9fdcreateunix will ca...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993137)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993137 advisory. In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25lapbreceiveframe x25lapbreceiveframe using skbcopy to get a private...

Linux Distros Unpatched Vulnerability : CVE-2022-50838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the followin...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993136)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993136 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, bu...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992763)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992763 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993088)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993088 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993087)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993087 advisory. In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before...