Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: A free invalid length skb was encountered in atmtcpcsend. syzbot reported the issue below. 0 vccsendmsg copies data passed from the user space to a skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005496 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendms...

ROS-20260220-73-0020

A vulnerability in the atmtcpcsend function of the atm component of the Linux kernel is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2025-20071

Malicious code in bioql PyPI...

AZL-67392 CVE-2025-39828 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...

The vulnerability of the atmtcp_c_send() function in the Linux operating system’s ATM component allows a hacker to trigger a service failure.

The vulnerability of the atmtcpcsend function in the Linux operating system’s ATM component is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2025-38185

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...

CVE-2025-38185 atm: atmtcp: Free invalid length skb in atmtcp_c_send().

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...

CVE-2025-38185

CVE-2025-38185 (Linux kernel) : The vulnerability in the ATM subsystem (atm/atmtcp.c) arises from freeing an skb with an invalid length in atmtcp_c_send(). The code checks skb->len == 0 but does not fully guard against using skb->data as an atmtcp_hdr when len is non-zero, and when len == 0...

CVE-2025-38185 atm: atmtcp: Free invalid length skb in atmtcp_c_send().

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...