Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Therefore, dereferencing req-iv after its return is invalid...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005426)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005426 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix refcount warning in tipcaeadencrypt syzbot reported a refcount warning 1 caused by...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38052)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38052 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read i...

SUSE CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2026-22023

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...

MiracleLinux 9 : kernel-5.14.0-570.32.1.el9_6 (AXSA:2025-10781:59)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10781:59 advisory. kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kerne...

CVE-2026-22023

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...

CVE-2026-22023 CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...

CryptoLib 缓冲区错误漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A buffer error vulnerability exists in CryptoLib versions prior to 1.4.3 that stems from an out-of-bounds heap read in the cryptographyaeadencrypt functio...

AlmaLinux 10 : kernel (ALSA-2025:12662)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:12662 advisory. kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: HI...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

RLSA-2025:12752 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove CVE-2025-22020 kernel: netsched:...

AlmaLinux 9 : kernel (ALSA-2025:12746)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:12746 advisory. kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: HID...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

ALSA-2025:12662 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: HID: intel-ish-hid: Fix use-after-free issue ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference counting issue in tipcaeadencrypt, which could lead to a system crash...

CVE-2025-38052 net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipcaeadencryptdone Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free...

CVE-2025-38052

In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipcaeadencryptdone Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free...

PT-2025-28993

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where a refcount warning occurs in the tipc aead encrypt function. This is triggered when calling get net on a network namespace during its...