Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ax25: The refcount leak caused by setting the SOBINDTODEVICE socket option has been fixed. When an AX25 device is bound to a socket by setting the SOBINDTODEVICE socket option, a refcount leak will occur in ax25release. Commit...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netrom: Check the buffer length before accessing it. Syzkaller reports an uninit value being read from ax25cmp when sending raw messages through the ieee802154 implementation.================================================BUG...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ax25: rcu protect dev-ax25ptr syzbot identified a lockdep issue 1. We should remove the ax25 RTNL dependency in ax25setsockopt. This should also fix various potential UAF issues in ax25. 1 WARNING: A circular locking dependenc...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ax25: Fixed the imbalance in reference counts for inbound connections. When releasing a socket in ax25release, we call netdevput to decrease the reference count of the associated ax.25 device. However, the execution path for...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25dsdeltimer When the ax25 device is detaching, the ax25devdevicedown calls ax25dsdeltimer to cleanup the slavetimer. When the timer handler is running, the ax25dsdeltimer that calls...

Astra Linux - уязвимость в linux, linux-5.10

A use-after-free vulnerability was discovered in drivers/net/hamradio/6pack.c of Linux, which allows an attacker to crash the Linux kernel by simulating the ax25 device using the 6pack driver from the user space...

SUSE-SU-2026:20940-1 Security update for net-tools

This update for net-tools fixes the following issues: - Fix stack buffer overflow in parsehex bsc1248687, GHSA-h667-qrp8-gj58. - Fix stack-based buffer overflow in procgenfmt bsc1248687, GHSA-w7jq-cmw2-cq59. - Avoid unsafe memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom...

SUSE CVE-2026-23098

In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nrrouteframe In nrrouteframe, oldskb is immediately freed without checking if nrneigh-ax25 pointer is NULL. Therefore, if nrneigh-ax25 is NULL, the caller function will free oldskb again, causing a...

UBUNTU-CVE-2026-23098

In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nrrouteframe In nrrouteframe, oldskb is immediately freed without checking if nrneigh-ax25 pointer is NULL. Therefore, if nrneigh-ax25 is NULL, the caller function will free oldskb again, causing a...

CVE-2026-23098

In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nrrouteframe In nrrouteframe, oldskb is immediately freed without checking if nrneigh-ax25 pointer is NULL. Therefore, if nrneigh-ax25 is NULL, the caller function will free oldskb again, causing a...

EUVD-2026-5444

In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nrrouteframe In nrrouteframe, oldskb is immediately freed without checking if nrneigh-ax25 pointer is NULL. Therefore, if nrneigh-ax25 is NULL, the caller function will free oldskb again, causing a...

Linux Distros Unpatched Vulnerability : CVE-2026-23098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netrom: fix double-free in nrrouteframe In nrrouteframe, oldskb is immediately freed without checking if nrneigh-ax25 pointer is NULL. Therefore, if nrneigh-ax2...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005071)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005071 advisory. In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issue of netdevice There is a reference count leak issue of the...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21792)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21792 advisory. - In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by settin...

ROS-20260119-7367

A vulnerability in the ax25setsockopt function of the net/ax25/afax25.c component of the Linux operating system kernel is related to improper memory freeing before deleting the last reference. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002310 advisory. The ax25recvmsg function in net/ax25/afax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001698 advisory. A use-after-free flaw was found in the Linux kernels Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a loca...

ROS-20260112-7319

A vulnerability in the ax25addrax25dev function of module net/ax25/ax25dev.c of the Linux operating system kernel is related to resource leakage. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

PT-2026-6168

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue was identified in the netrom network routing mechanism within the Linux kernel. Specifically, the nr route frame function frees memory associated with old skb without...

CVE-2025-34458

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprsmice located in src/decodeaprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or...