Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Therefore, we need to add READONCE to its reader...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006621 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be...

OESA-2025-2553 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all skuserdata reader finish before releasing the sock There is a race condition in vxlan that when deleting a vxlan device during receivi...

EUVD-2022-25117

Malicious code in bioql PyPI...

CVE-2022-50405

In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all skuserdata reader finish before releasing the sock There is a race condition in vxlan that when deleting a vxlan device during receiving packets, there is a possibility that the sock is released after...

CVE-2022-50405

In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all skuserdata reader finish before releasing the sock There is a race condition in vxlan that when deleting a vxlan device during receiving packets, there is a possibility that the sock is released after...

CVE-2023-2373

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely. T...

SUSE CVE-2022-49630

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...

UBUNTU-CVE-2022-49630

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49630 tcp: Fix a data-race around sysctl_tcp_ecn_fallback.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that sysctltcpecnfallback may be concurrently modified on read, resulting in data contention...

CLSA-2024-1719933179 kernel: Fix of 20 CVEs

net: iptunnel: make sure to pull inner header in iptunnelrcv CVE-2024-26882 - net: Set true network header for ECN decapsulation CVE-2024-26882 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice CVE-2022-45884 - media: dvbdev: fix error logic at dvbregisterdevice...

CLSA-2024-1719932549 kernel: Fix of 20 CVEs

net: iptunnel: make sure to pull inner header in iptunnelrcv CVE-2024-26882 - net: Set true network header for ECN decapsulation CVE-2024-26882 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice CVE-2022-45884 - media: dvbdev: fix error logic at dvbregisterdevice...

AZL-40168 CVE-2024-26882 affecting package kernel for versions less than 6.6.29.1-3

In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: make sure to pull inner header in iptunnelrcv Apply the same fix than ones found in : 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" 1ca1ba465e55 "geneve: make sure to pull inner header in...

DEBIAN-CVE-2024-26641

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

kernel: tcp: Fix a data-race around sysctl_tcp_ecn_fallback.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2023-2373

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely. T...

PT-2023-19172 · Ubiquiti · Ubiquiti Edgerouter X

Name of the Vulnerable Software and Affected Versions: Ubiquiti EdgeRouter X versions up to 2.0.9-hotfix.6 Description: A critical issue has been found in the Web Management Interface component. The manipulation of the ecn-down argument leads to command injection. This issue can be exploited...

Ubiquiti EdgeRouter 命令注入漏洞

The Ubiquiti EdgeRouter is a router from Ubiquiti USA. A command injection vulnerability exists in Ubiquiti EdgeRouter X version 2.0.9-hotfix.6 and prior versions, which stems from an incorrect operation of the parameter ecn-down that can lead to command injection...

Ubiquiti EdgeRouter 命令注入漏洞

The Ubiquiti EdgeRouter is a router from Ubiquiti USA. A command injection vulnerability exists in Ubiquiti EdgeRouter X version 2.0.9-hotfix.6 and prior versions, which stems from an incorrect operation of the parameter ecn-up that can lead to command injection...