Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed a double-free operation in userclusterconnect. userclusterdisconnect frees "conn-ccprivate", which is actually "lc". However, the error handling frees "lc" again. Setting "lc" to NULL in this case can prevent a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013813 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees conn-ccprivate which is ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011006)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011006 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees conn-ccprivate which is ...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-007624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007624 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees conn-ccprivate which is ...

ocfs2: fix double free in user_cluster_connect()

...

SUSE CVE-2025-40055

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...

UBUNTU-CVE-2025-40055

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...

EUVD-2025-36473

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...

CVE-2025-40055

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...

CVE-2025-40055

CVE-2025-40055 affects the Linux kernel OCFS2, describing a double-free in the path handling user_cluster_connect(). The root cause is that user_cluster_disconnect() frees the same memory as conn->cc_private (the lc object) and the error handling frees lc again, leading to a double-free. The d...

CVE-2025-40055 ocfs2: fix double free in user_cluster_connect()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...

CVE-2025-40055 ocfs2: fix double free in user_cluster_connect()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a double release issue in the userclusterconnect function...

PT-2025-44123

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ocfs2 component related to a double free in the user cluster connect function. Specifically, user cluster disconnect frees a memory region, an...

Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs

Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update,...

CVE-2022-37968

Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...

Code injection

Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...