11 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2025-21640)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21640 advisory. - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1421)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : filemap: avoid truncating 64-bit offset to 32 bitsCVE-2025-21665 iomap: avoid avoid truncating 64-bit offset to 32 bitsCVE-2025-21667 fs/proc: fix...
CVE-2025-21640 affecting package kernel for versions less than 5.15.179.1-1
CVE-2025-21640 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...
CVE-2025-21640 affecting package kernel for versions less than 6.6.78.1-3
CVE-2025-21640 affecting package kernel for versions less than 6.6.78.1-3. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2025-21640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not...
CVE-2025-21640
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21640
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21640
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21640 sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21640 sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21640
Summary (CVE-2025-21640) : In the Linux kernel, the sctp: sysctl: cookie_hmac_alg path was fixed to avoid using current->nsproxy. The root cause involved dereferencing current->nsproxy (which can be NULL, e.g., when the task is exiting), leading to an OOPs condition. The patch replaces the ...