Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both commands are combine...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005599 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005481)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005481 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistratio...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005679)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005679 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistratio...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005416 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005445 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistratio...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005461)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005461 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled,...

SUSE SLES15 Security Update : kernel (Live Patch 34 for SLE 15 SP4) (SUSE-SU-2025:03381-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03381-1 advisory. This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc...

SUSE-SU-2025:03387-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. - CVE-2025-38498:...

SUSE-SU-2025:03381-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. - CVE-2025-38498:...

SUSE-SU-2025:03370-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix...

kernel: netfilter: nf_tables: reject new basechain after table flag update

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update The Linux kernel CVE team has assigned CVE-2024-35900 to this issue. Upstream advisory:...

kernel: netfilter: nf_tables: reject new basechain after table flag update

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update The Linux kernel CVE team has assigned CVE-2024-35900 to this issue. Upstream advisory:...

kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...

kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...

kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...

kernel: netfilter: nf_tables: reject new basechain after table flag update

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update The Linux kernel CVE team has assigned CVE-2024-35900 to this issue. Upstream advisory:...

kernel: netfilter: nf_tables: reject new basechain after table flag update

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update The Linux kernel CVE team has assigned CVE-2024-35900 to this issue. Upstream advisory:...

kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...