Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: atm: atmtcp: A free invalid length skb was encountered in atmtcpcsend. syzbot reported a crash below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005496 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendms...

ROS-20260220-73-0020

A vulnerability in the atmtcpcsend function of the atm component of the Linux kernel is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2025-20071

Malicious code in bioql PyPI...

AZL-67392 CVE-2025-39828 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...

CVE-2025-38185

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...

CVE-2025-38185 atm: atmtcp: Free invalid length skb in atmtcp_c_send().

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...

CVE-2025-38185 atm: atmtcp: Free invalid length skb in atmtcp_c_send().

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...

CVE-2025-38185

CVE-2025-38185 (Linux kernel) : The vulnerability in the ATM subsystem (atm/atmtcp.c) arises from freeing an skb with an invalid length in atmtcp_c_send(). The code checks skb->len == 0 but does not fully guard against using skb->data as an atmtcp_hdr when len is non-zero, and when len == 0...