16 matches found
Oracle Linux 10 : ELSA-2025-20095-0: / kernel (ELSA-2025-200950)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-200950 advisory. - selftests: tls: add tests for zero-length records CKI Backport Bot RHEL-114328 CVE-2025-39682 - tls: fix handling of zero-length records on the...
SUSE-SU-2025:21118-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data...
SUSE-SU-2025:21108-1 Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data...
SUSE-SU-2025:21093-1 Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778 - CVE-2025-38500: xfrm: interface: fix use-after-free...
SUSE-SU-2025:4265-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd...
kernel: xfrm: interface: fix use-after-free after changing collect_md xfrm interface
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
AlmaLinux 9 : kernel (ALSA-2025:15011)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15011 advisory. kernel: netsched: hfsc: Fix a potential UAF in hfscdequeue too CVE-2025-37823 kernel: i40e: fix MMIO write access to an invalid page in i40eclearhw...
kernel: xfrm: interface: fix use-after-free after changing collect_md xfrm interface
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
xfrm: interface: fix use-after-free after changing collect_md xfrm interface
...
Linux Distros Unpatched Vulnerability : CVE-2025-38500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd proper...
SUSE CVE-2025-38500
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
DEBIAN-CVE-2025-38500
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
CVE-2025-38500
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
UBUNTU-CVE-2025-38500
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
CVE-2025-38500 xfrm: interface: fix use-after-free after changing collect_md xfrm interface
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
CVE-2025-38500 xfrm: interface: fix use-after-free after changing collect_md xfrm interface
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...