1154 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-52993
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being...
EUVD-2026-38861
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being called with a pointer to a local variable which was a copy of the...
CVE-2026-52993
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being called with a pointer to a local variable which was a copy of the...
CVE-2026-52993
Summary (CVE-2026-52993): In the Linux kernel TIPC module, a double-free flaw occurs in tipc_buf_append() when tipc_msg_validate() reallocates an skb and the code incorrectly frees the original skb. The root cause is that the validation path may free a previously freed skb if reallocation occurs,...
CVE-2026-52993 tipc: fix double-free in tipc_buf_append()
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being called with a pointer to a local variable which was a copy of the...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Fixed a use-after-free in tipcmonreinitself. syzbot reported a use-after-free of tipcnetnet-monitors in tipcmonreinitself. The array is protected by RTNL, but tipcmonreinitself iterates over it without using RTNL...
PT-2026-51887
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free flaw exists in the Transparent Inter-Process Communication TIPC module. The issue occurs within the tipc buf append function when it incorrectly handles memory after a sock...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A data race flaw was discovered in the Linux kernel, between the allocation of the con variable and the setting of con-sock. This issue results in a NULL pointer dereferencing when accessing con-sock-sk in the net/tipc/topsrv.c file within the tipc protocol in the Linux kernel...
Astra Linux – Vulnerability in Linux
A remote denial-of-service vulnerability was discovered in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit encounters an unknown state while attempting to parse SKBs that are not present in the queue. Sending two small UDP packets to a system with a UDP interface causes the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Check the bearer type before calling tipcudpnlbeareradd syzbot reported the following general protection fault 1: General protection fault, likely for non-canonical address 0xdffffc0000000010: 0000 1 PREEMPT SMP KASAN...
Astra Linux – Vulnerability in Wireshark
The TIPC dissector crashes in Wireshark versions 4.0.0 to 4.0.2, and 3.6.0 to 3.6.10. This issue allows for denial of service through packet injection or malicious capture files...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Changed the nlapolicy for bearer-related names to NLANULSTRING. The syzbot reported the following uninit-value access issues 1: ===================================================== BUG: KMSAN: uninit-value in strlen...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tipc: fixed a null-ptr-deref in tipctopsrvaccept The syzbot detected a crash in tipctopsrvaccept: - KASAN: Null-ptr-deref in range 0x0000000000000008-0x000000000000000f - Workqueue: tipcrcv in tipctopsrvaccept - RIP: 0010:...
Astra Linux – Vulnerability in Linux 5.10
An information leak flaw was discovered due to uninitialized memory in the Linux kernel’s TIPC protocol subsystem, during the process of a user sending a TIPC datagram to one or more destinations. This flaw allows a local user to read certain parts of the kernel’s memory. The affected data is no...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tipc: re-fetching the skb context after calling tipcmsgvalidate As shown in the call trace, the original skb was freed during the execution of tipcmsgvalidate. Dereferencing the old skb context would cause a “use-after-free” cras...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tipc: Do not update the MTU if msgmax is too small during MTU negotiation. During link MTU negotiation, a malicious peer may send an “Activate msg” with a very small MTU, e.g., 4, as tested by Shuang. Without checking for the...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: tipc: Wait and exit until all work queues are completed On some hosts, a crash could occur simply by repeating these commands several times: bash modprobe tipc tipc bearer enable media udp name UDP1 localip 127.0.0.1 rmmod tipc T...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: tipc: skblinearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's fraglist if the fraglist already has skbs from elsewhere, such as this skb was created by pskbcopy where the fraglist w...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Check the attribute length for the bearer name. syzbot reported uninit-value issues: ===================================================== BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:644 inline BUG: KMSAN:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tipc: The issue in tipcnlcompatnametabledumpheader regarding the check of the msg-req TLV length was fixed. This is a follow-up to commit 974cb0e3e7c9 “tipc: fixing uninit-value in tipcnlcompatnametabledump", where a type cast fr...