90 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In the tcpdisconnect function, the tcpsksk-fastopenrsk field was cleared. The syzbot reported an error where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. The syzbot reused the server-side TCP Fast Open socket as ...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011081)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011081 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqskfastopenremove in tcpconnrequest. syzbot reported the splat below in...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: wifi: cfg80211: fix use-after-free in cmpbss CVE-2025-39864 kernel: e1000e: fix heap overflow in...
EUVD-2025-150388
In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqskfastopenremove in tcpconnrequest. syzbot reported the splat below in tcpconnrequest. 0 If a listener is closed while a TFO socket is being processed in tcpconnrequest, inetcskreqskqueueadd does not set reqsk-...
UBUNTU-CVE-2025-40186
In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqskfastopenremove in tcpconnrequest. syzbot reported the splat below in tcpconnrequest. 0 If a listener is closed while a TFO socket is being processed in tcpconnrequest, inetcskreqskqueueadd does not set reqsk-...
CVE-2025-40186 tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request().
In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqskfastopenremove in tcpconnrequest. syzbot reported the splat below in tcpconnrequest. 0 If a listener is closed while a TFO socket is being processed in tcpconnrequest, inetcskreqskqueueadd does not set reqsk-...
Linux Distros Unpatched Vulnerability : CVE-2025-39955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot...
CVE-2025-39955
In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot reused the server-side TCP Fast Open socket as a new client before the...
UBUNTU-CVE-2025-39955
In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot reused the server-side TCP Fast Open socket as a new client before the...
CVE-2025-39955
The CVE-2025-39955 entry concerns the Linux kernel TCP Fast Open path. The root cause is that tcp_disconnect() failed to clear tcp_sk(sk)->fastopen_rsk, allowing the retransmit timer to trigger while a TFO socket is being reused, potentially delaying or missing a retransmission. The fix implem...