SUSE CVE-2026-46172

In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...

CVE-2026-46172

CVE-2026-46172 concerns the Linux kernel’s xfrm6_rcv_encap path for IPv6. If a route lookup via ip6_route_input_lookup() returns a dst entry with an error, the function may drop the skb without attaching or releasing that dst reference, leaking dst entries. The documented fix releases the dst bef...

PT-2026-44295

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel within the xfrm6 rcv encap function. When performing an IPv6 route lookup, the ip6 route input lookup function returns a referenced destination d...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: Release dst in case direct xmit path is used Direct xmit does not use dst because it calls devqueuexmit to send packets; therefore, it calls dstrelease. kmemleak reports: Unreferenced object:...

virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false

...

SUSE CVE-2026-31469

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

EUVD-2026-24817

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

CVE-2026-31469

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

CVE-2026-31469

The CVE-2026-31469 issue affects the Linux kernel virtio_net driver, where a Use-After-Free can occur when IFF_XMIT_DST_RELEASE is cleared and napi_tx is disabled, if the network namespace is destroyed while pending skbs remain in the transmit path. The root cause is the dst_ops reference being f...

CVE-2026-31469 virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

PT-2026-34374

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the virtio net driver when it is configured with napi tx=N and the IFF XMIT DST RELEASE flag is cleared, such as during the configuration of tc route...

Linux Distros Unpatched Vulnerability : CVE-2026-31469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005052 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when...

net: decrease cached dst counters in dst_release

...

CVE-2025-22057

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

SUSE CVE-2024-50261

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...

SUSE CVE-2024-26834

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

UBUNTU-CVE-2024-26834

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...