Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Do not use timerPending in reqskQueueUnlink. Martin KaFai Lau reported a use-after-free in reqskTimerHandler. We are encountering a use-after-free related to a bpf program attached to traceTCPRetransmitSynack. The progr...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed a deadlock between rcutasks Trace and eventmutex. The following deadlock was also fixed: CPU A freeevent perfkprobedestroy mutexlock&eventmutex perfTraceEventUnreg synchronizercuTasksTrace There are several paths in...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed the re-attachment branch in bpftracingprogattach. The following scenario can cause a crash due to a missing attachbtf: 1 Load the rawtp program. 2 Load the fentry program with rawtp as targetfd. 3 Create a tracing...

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38285)

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN in getbpfrawtpregs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpftrace.c:1861 getbpfrawtpregs+0xa4/0x100 kernel/trace/bpftrace.c:1861 Modules linked in: CPU: 3 UID: 0 PID: 5971 Comm:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005184)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005184 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988833)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988833 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash directfunctions on register failures We see the following GPF when...

Siemens SIMATIC Devices Improper Locking (CVE-2024-35895)

"In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...

Security Bulletin: Technical Support Appliance - possible denial of service

Summary A flaw in TCP/IP may allow a denial of service Vulnerability Details CVEID:CVE-2024-50154 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-411908)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-411908 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuse...

DEBIAN-CVE-2025-37884

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcutaskstrace and eventmutex. Fix the following deadlock: CPU A freeevent perfkprobedestroy mutexlock&eventmutex perftraceeventunreg synchronizercutaskstrace There are several paths where freeevent grabs...

DEBIAN-CVE-2022-49402

In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash directfunctions on register failures We see the following GPF when registerftracedirect fails: general protection fault, probably for non-canonical address \ 0x200000000000010: 0000 1 PREEMPT SMP...

OESA-2024-2495 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a...

kernel: bpf: Fix re-attachment branch in bpf_tracing_prog_attach

bpf: Fix re-attachment branch in bpftracingprogattach The following case can cause a crash due to missing attachbtf: 1 load rawtp program 2 load fentry program with rawtp as targetfd 3 create tracing link for fentry program with targetfd = 0 4 repeat 3 In the end we have: - prog-aux-dsttrampoline...

SUSE CVE-2024-50154

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a bpf prog attached to tracetcpretransmitsynack. The program passes th...

DEBIAN-CVE-2024-50154

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a bpf prog attached to tracetcpretransmitsynack. The program passes th...

CLSA-2024-1723567849 kernel: Fix of 20 CVEs

net: fix dstnegativeadvice race CVE-2024-36971 - spec: update shim Conflicts, Provides keys - ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction CVE-2024-36902 - ipv6: prevent NULL dereference in ip6output CVE-2024-36901 - drm/amd/display: Atom Integrated System Info v22 for DCN35...

DEBIAN-CVE-2024-35895

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...

CVE-2024-35895 bpf, sockmap: Prevent lock inversion deadlock in map delete elem

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...

CLSA-2024-1712263970 kernel: Fix of 48 CVEs

bpf: Fix re-attachment branch in bpftracingprogattach CVE-2024-26591 - ext4: improve error recovery code paths in ext4remount CVE-2024-0775 - smb: client: fix OOB in receiveencryptedstandard CVE-2024-0565 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier CVE-2023-52449 - net:...

SUSE CVE-2024-26591

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpftracingprogattach The following case can cause a crash due to missing attachbtf: 1 load rawtp program 2 load fentry program with rawtp as targetfd 3 create tracing link for fentry program with...