2755 matches found
SUSE CVE-2025-21756
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
SUSE CVE-2025-21792
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by setting SOBINDTODEVICE sockopt If an AX25 device is bound to a socket by setting the SOBINDTODEVICE socket option, a refcount leak will occur in ax25release. Commit 9fd75b66b8f6 "ax25: Fix refcou...
DEBIAN-CVE-2025-21792
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by setting SOBINDTODEVICE sockopt If an AX25 device is bound to a socket by setting the SOBINDTODEVICE socket option, a refcount leak will occur in ax25release. Commit 9fd75b66b8f6 "ax25: Fix refcou...
CVE-2025-21756
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
AZL-58995 CVE-2025-21756 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
AZL-59037 CVE-2025-21756 affecting package kernel for versions less than 6.6.82.1-1
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
DEBIAN-CVE-2025-21756
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
DEBIAN-CVE-2025-21746
In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash when enabling pass-through port When enabling a pass-through port an interrupt might come before psmouse driver binds to the pass-through port. However synaptics sub-driver tries to access psmouse...
UBUNTU-CVE-2025-21792
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by setting SOBINDTODEVICE sockopt If an AX25 device is bound to a socket by setting the SOBINDTODEVICE socket option, a refcount leak will occur in ax25release. Commit 9fd75b66b8f6 "ax25: Fix refcou...
UBUNTU-CVE-2025-21756
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
CVE-2025-21792 ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by setting SOBINDTODEVICE sockopt If an AX25 device is bound to a socket by setting the SOBINDTODEVICE socket option, a refcount leak will occur in ax25release. Commit 9fd75b66b8f6 "ax25: Fix refcou...
CVE-2025-21756 vsock: Keep the binding until socket destruction
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
CVE-2025-21756 vsock: Keep the binding until socket destruction
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
CVE-2025-21756 vsock: Keep the binding until socket destruction
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...
CVE-2025-21756
CVE-2025-21756 affects the Linux kernel vsock subsystem. The issue arises from keeping socket bindings until destruction, preventing correct unbinding during transport reassignment. This leads to a use-after-free in the binding path, observed as a KASAN slab-use-after-free in __vsock_bind and rel...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from vsock not properly retaining bindings during transfer reallocation, leading to reuse after...
CVE-2022-49501 usbnet: Run unregister_netdev() before unbind() again
In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregisternetdev before unbind again Commit 2c9d6c2b871d "usbnet: run unbind before unregisternetdev" sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out that a different fix is necessa...
CVE-2022-49501
In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregisternetdev before unbind again Commit 2c9d6c2b871d "usbnet: run unbind before unregisternetdev" sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out that a different fix is necessa...
SUSE SLED15: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2025:0427-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0427-1 advisory. - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Tenable has extracte...
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40891link is external Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40890link is external Zyxel DSL CPE OS Command Injection Vulnerability...