EUVD-2026-39198

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

CVE-2026-53247

CVE-2026-53247 affects the Linux kernel’s MTK Ethernet subsystem (net: ethernet: mtk_eth_soc). The vulnerability arises in the RX path when using non-refcounted pointers to a metadata_dst; mtk_free_dev() frees the metadata_dst with kfree(), bypassing the RCU grace period, creating a potential use...

CVE-2026-53212

CVE-2026-53212 affects the Linux kernel’s netfilter nft_tunnel subsystem. The vulnerability arises in nft_tunnel_obj_destroy(), which calls metadata_dst_free() to free a metadata_dst directly with kfree(), bypassing the dst_entry reference counting. Packets that hold a dst reference via dst_hold(...

Linux Distros Unpatched Vulnerability : CVE-2026-31469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22057)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22057 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989940)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989940 advisory. In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already...

SUSE CVE-2025-22057

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

PT-2025-16697

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the handling of cached destination counters in the dst release function. When CONFIG DST CACHE is enabled and Open vSwit...

SUSE CVE-2022-49198

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix crash due to tcptsortedanchor was initialized before release skb Got crash when doing pressure test of mptcp: =========================================================================== dstrelease: dst:ffffa06ce6e5c058...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: macsec: Fixed a use-after-free issue during the sending of the offloading packet. KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offloading, is already freed by metadatadstfre...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: fixed a memory leak in tcpconnrequest. If inetcskreqskqueuehashadd returns false, tcpconnrequest will return without freeing the dst memory, which was allocated in afops-routereq. Here is the stack trace for the issue:...

SUSE CVE-2024-57841

In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in tcpconnrequest If inetcskreqskqueuehashadd return false, tcpconnrequest will return without free the dst memory, which allocated in afops-routereq. Here is the kmemleak stack: unreferenced object...

AZL-55846 CVE-2024-57841 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in tcpconnrequest If inetcskreqskqueuehashadd return false, tcpconnrequest will return without free the dst memory, which allocated in afops-routereq. Here is the kmemleak stack: unreferenced object...

CLSA-2024-1731603213 Fix of 76 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcmsendmsg for the same socket. CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobjectuevent: Fix OOB access within zapmodaliasenv CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nftables: prefer...

DEBIAN-CVE-2024-50261

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...

CVE-2024-50261 macsec: Fix use-after-free while sending the offloading packet

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...

net: do not delay dst_entries_add() in dst_release()

...

DEBIAN-CVE-2024-50036

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

AZL-51365 CVE-2024-50036 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

UBUNTU-CVE-2024-50036

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...