Azure Linux 3.0 Security Update: kernel (CVE-2025-38079)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38079 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in...

RHEL 9 : kernel-rt (RHSA-2025:15658)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15658 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

RHEL 9 : kernel (RHSA-2025:14696)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14696 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf, testrun: Fix...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

Linux Distros Unpatched Vulnerability : CVE-2025-38079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed...

Linux Distros Unpatched Vulnerability : CVE-2024-26824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - Remove bogus SGL free on zero-length error path When a zero-length messa...

crypto: algif_hash - fix double free in hash_accept

...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

DEBIAN-CVE-2025-38079

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

CVE-2025-38079 crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

CVE-2025-38079

The CVE-2025-38079 entry concerns a vulnerability in the Linux kernel crypto/algif_hash: a double free in hash_accept when accept(2) is used on an algif_hash socket with MSG_MORE and crypto_ahash_import fails. This leads to a slab-use-after-free due to sk2 being freed in both hash_accept and af_a...

PT-2025-25853

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free error in the Linux kernel's crypto subsystem has been resolved. The issue occurs when the accept2 function is called on a socket of type algif hash with the MSG MORE flag s...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - Remove bogus SGL free on zero-length error path When a zero-length message is hashed by algifhash, and an error is triggered, it tries to free an SG list that was never allocated in the first place. Fix this b...

UBUNTU-CVE-2024-26824

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - Remove bogus SGL free on zero-length error path When a zero-length message is hashed by algifhash, and an error is triggered, it tries to free an SG list that was never allocated in the first place. Fix this b...

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. Linux Kernel 'crypto/algifhash.c' has a local denial of service vulnerability that can be exploited by an attacker to crash an application, resulting in a denial of service...