Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: In the nfreject function, there is no need to leak the reference count of the dst entry for loopback packets. Recent patches that added a WARN message when replacing the skb dst entry have identified an old bug:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988845 advisory. In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst refcnt when egressing The egress tunnel code uses dstclone and...

netfilter: nf_reject: don't leak dst refcount for loopback packets

...

UBUNTU-CVE-2025-38732

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfreject: don't leak dst refcount for loopback packets recent patches to add a WARN when replacing skb dst entry found an old bug: WARNING: include/linux/skbuff.h:1165 skbdstcheckunset include/linux/skbuff.h:1164 inlin...

CVE-2025-38732 netfilter: nf_reject: don't leak dst refcount for loopback packets

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfreject: don't leak dst refcount for loopback packets recent patches to add a WARN when replacing skb dst entry found an old bug: WARNING: include/linux/skbuff.h:1165 skbdstcheckunset include/linux/skbuff.h:1164 inlin...

kernel: tipc: force a dst refcount before doing decryption

A vulnerability was found in the Linux kernel's TIPC module, where a reference count on the destination entry was not enforced before decryption. This issue arises due to potential asynchronous returns from crypto requests, which could lead to crash...

kernel: tipc: force a dst refcount before doing decryption

A vulnerability was found in the Linux kernel's TIPC module, where a reference count on the destination entry was not enforced before decryption. This issue arises due to potential asynchronous returns from crypto requests, which could lead to crash...

SUSE CVE-2024-40983

In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption As it says in commit 3bc07321ccc2 "xfrm: Force a dst refcount before entering the xfrm type handlers": "Crypto requests might return asynchronous. In this case we leave the rcu...

UVI-2021-1000935 net: bridge: fix vlan tunnel dst refcnt when egressing

net: bridge: fix vlan tunnel dst refcnt when egressing This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.128 by commit...