af_key: validate families in pfkey_send_migrate()

...

CVE-2026-31515

CVE-2026-31515 affects the Linux kernel and is resolved by validating address families in pfkey_send_migrate(); the flaw allowed overfilling the skb when processing requests due to truncation of the @family argument in set_ipsecrequest. SYZBOT demonstrated a crash in skb_put(), leading to a kerne...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004436 advisory. In pfkeydump of afkey.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with...

Linux Distros Unpatched Vulnerability : CVE-2021-0605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In pfkeydump of afkey.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel wit...

kernel: kernel info leak issue in pfkey_register

A vulnerability was found in the pfkeyregister function in net/key/afkey.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information...

CLSA-2023-1683229770 kernel: Fix of 22 CVEs

media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26545 - net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0461 - Bluetooth: L2CAP: Fix u8 overflow CVE-2022-45934 -...

CLSA-2023-1682705952 kernel: Fix of 7 CVEs

mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...

The vulnerability of the pfkey_register function in the Linux operating system’s kernel allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the pfkeyregister function in the Linux kernel’s net/key/afkey.c file is related to the exposure of sensitive information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause service failures...

AZL-9646 CVE-2022-1353 affecting package kernel for versions less than 5.15.37.1-2

A vulnerability was found in the pfkeyregister function in net/key/afkey.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information...

Kernel: net: information leak in AF_KEY notify

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

Kernel: net: information leak in AF_KEY notify

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

Kernel: net: af_key: initialize satype in key_notify_policy_flush

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...