Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: afpacket: fixed vlangetprotocoldgram vs MSGPEEK The responsible commit forgot to handle the MSGPEEK case, resulting in a crash 1, as detected by syzbot. Reworked vlangetprotocoldgram so that it does not touch the skb at all,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: net/packet: fixed a slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET socket uses PACKETCOPYTHRESH and mmap operations, tpacketrcv queues skbs with garbage in skb-cb, causing an excessive copy...

CVE-2026-31675

A flaw was found in the Linux kernel's netem network emulator module. When processing certain non-linear network packets, specifically those sent via an AFPACKET TXRING over an IPIP tunnel, a calculation error can occur. This error leads to an out-of-bounds memory access, which could result in...

Linux Distros Unpatched Vulnerability : CVE-2026-31675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an...

ROS-20260324-73-0027

A vulnerability in the net/packet/afpacket.c component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability allows an attacker to cause a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000592 advisory. Race condition in net/packet/afpacket.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service use-after-free by...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001610 advisory. Race condition in net/packet/afpacket.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service use-after-free or possibly have unspecified...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004190)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004190 advisory. An issue was discovered in the Linux kernel before 5.4.7. The prbcalcretireblktmo function in net/packet/afpacket.c can result in a denial of service CPU consumption...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002613 advisory. In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003212)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003212 advisory. Linux kernel: heap out-of-bounds in AFPACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003129 advisory. Linux kernel: heap out-of-bounds in AFPACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes...

RockyLinux 10 : kernel (RLSA-2025:20095)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20095 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: exfat: fix out-of-bounds access of...

kernel security update

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

kernel: af_packet: fix vlan_get_tci() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangettci vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangettci to not touch skb at all, so that it can be used from many cpus on the same skb. Add a const qualifier...

kernel: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangetprotocoldgram vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangetprotocoldgram to not touch skb at all, so that it can be used from many cpus on the same skb. A...

RHEL 10 : kernel (RHSA-2025:20095)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20095 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xen: Xen hypercall page unsa...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987321 advisory. In the Linux kernel, the following vulnerability has been resolved: net/packet: fix slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET...

EUVD-2024-36467

Malicious code in bioql PyPI...

CVE-2023-53439 net: skb_partial_csum_set() fix against transport header magic value

In the Linux kernel, the following vulnerability has been resolved: net: skbpartialcsumset fix against transport header magic value skb-transportheader uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentaly set skb-transportheader to...

PT-2025-38345

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where zero-sized raw sendmsg calls are not properly rejected in the ieee802154 socket. This can lead to a skb assert len warning during message...