CLSA-2026-1779180310 kernel: Fix of CVE-2026-46333

ptrace: require CAPSYSPTRACE when task has no mm CVE-2026-46333...

PT-2026-41298

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.8 Linux kernel versions prior to 6.18.31 Linux kernel versions prior to 6.12.89 Linux kernel versions prior to 6.6.139 Linux kernel versions prior to 6.1.173 Linux kernel versions prior to 5.15.207 Linux kern...

Astra Linux - уязвимость в linux-5.10, linux-5.15

A use-after-free vulnerability in the netfilter component of the Linux kernel’s nftables module can be exploited to achieve local privilege escalation. A flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. This vulnerability requires that the...

EUVD-2023-60038

The WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.8.2, due to improper CORS handling on the Store API's REST endpoints allowing direct external access from any origin. This can allow unauthenticated attackers to extract...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc

A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...

kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE

A use-after-free vulnerability was found in the netfilter: nftables component in the Linux kernel due to a missing error handling in the abort path of NFTMSGNEWRULE. This flaw allows a local attacker with CAPNETADMIN access capability to cause a local privilege escalation problem...

An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However in order for an attacker to exploit this the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.

...

SUSE CVE-2012-6538

The copytouserauth function in net/xfrm/xfrmuser.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability...

SUSE CVE-2021-42008

The decodedata function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAPNETADMIN capability can lead to root access...

AZL-34860 CVE-2022-2785 affecting package kernel for versions less than 6.6.35.1-4

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...