CVE-2026-53248

The CVE-2026-53248 issue affects the Linux kernel net/airoha path where airoha_metadata_dst_free() frees metadata_dst via kfree(), bypassing the RCU grace period. In RX, skb_dst_set_noref() creates a non-refcounted pointer from skb to metadata_dst, which must remain valid until all RCU readers fi...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005135 advisory. In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed...

EUVD-2025-11238

Malicious code in bioql PyPI...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease The upstream fix ac888d58869b “net: do not delay dstentriesadd in dstrelease” moved the decrementing of the dst counter from dstdestroy to dstrelease, in order to avoid accessing...

CVE-2025-22057

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

DEBIAN-CVE-2025-22057

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

AZL-69539 CVE-2025-22057 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

UBUNTU-CVE-2025-22057

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

CVE-2025-22057 net: decrease cached dst counters in dst_release

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

CVE-2025-22057

CVE-2025-22057 : In the Linux kernel, the fix for an issue with decreasing cached dst counters in dst_release was incomplete when CONFIG_DST_CACHE is enabled and OvS tunnels are used, potentially leading to a kernel NULL page fault during dst cache destruction. The upstream patch moves the decrem...

CVE-2025-22057 net: decrease cached dst counters in dst_release

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...

Linux Distros Unpatched Vulnerability : CVE-2021-47588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, alread...

CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2024-50036

CVE-2024-50036 is a Linux kernel vulnerability where dst_entries_add() uses per-CPU data that can be freed during netns dismantle, making dst_entries_destroy() race with dst_release() and potentially causing a use-after-free. The issue arises because the count of dsts must be decremented earlier,...

CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already called by registernetdevice if something goes wrong. Alternative would be to make ipip6devfree robust against multiple invocations, but...

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already called by registernetdevice if something goes wrong. Alternative would be to make ipip6devfree robust against multiple invocations, but...

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already called by registernetdevice if something goes wrong. Alternative would be to make ipip6devfree robust against multiple invocations, but...

CVE-2021-47588 sit: do not call ipip6_dev_free() from sit_init_net()

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already called by registernetdevice if something goes wrong. Alternative would be to make ipip6devfree robust against multiple invocations, but...