Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Net: tun: Unlinking the NAPI from the device upon destruction. Syzbot identified a race condition between the tun file and the device destruction process. NAPIs reside in the structtunfile structure, and this structure may be...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000742 advisory. Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAPNETADMIN capability a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002068)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002068 advisory. Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAPNETADMIN capability a...

CVE-2023-53685

In the Linux kernel, the following vulnerability has been resolved: tun: Fix memory leak for detached NAPI queue. syzkaller reported 0 memory leaks of sk and skb related to the TUN device with no repro, but we can reproduce it easily with: struct ifreq ifr = int fdtun, fdtmp; char buf4 = ; fdtun ...

The vulnerability in the Linux operating system’s TUN network interface kernel allows a hacker to trigger a service failure.

The vulnerability of the TUN network interface in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE CVE-2025-38184

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPCNLUDPGETREMOTEIP with media name set to tun tipc: Started in network mode tipc: Nod...

AZL-64785 CVE-2025-38184 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPCNLUDPGETREMOTEIP with media name set to tun tipc: Started in network mode tipc: Nod...

CVE-2022-49871 net: tun: Fix memory leaks of napi_get_frags

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napigetfrags kmemleak reports after running testprogs: unreferenced object 0xffff8881b1672dc0 size 232: comm "testprogs", pid 394388, jiffies 4354712116 age 841.975s hex dump first 32 bytes: e0 84 d7...

SUSE CVE-2013-4343

Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAPNETADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call...

Ligolo-Ng - An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface

An advanced, yet simple, tunneling tool that uses a TUN interface. by TNP IT Security Introduction Ligolo-ng is a simple , lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection without the need of SOCKS. Features Tun interface No more SOCKS! Simpl...

PT-2013-4964 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.11.1 Description: The issue is related to a use-after-free vulnerability in the Linux kernel, specifically in the drivers/net/tun.c file. This vulnerability can be exploited by local users to gain privileges,...

kernel: ipv6: fix ip6_dst_lookup_tail() NULL pointer dereference

The ip6dstlookuptail function in net/ipv6/ip6output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service NULL pointer dereference and OOPS or...

PT-2010-2201 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.27 Description: The issue is related to the ip6 dst lookup tail function in the Linux kernel, which does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number o...