18 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: rds: TCP: Fixed an issue where a use-after-free occurred in net in reqsktimerhandler. Syzkaller reported a warning regarding the netns tracker 0, followed by KASAN, SPLAT 1, and another ref tracker warning 1. Syzkaller could n...
SUSE CVE-2026-43198
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
EUVD-2026-27757
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
CVE-2026-43198
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
CVE-2026-43198
CVE-2026-43198 is a Linux kernel race in IPv6 TCP socket handling. The issue occurs in tcp_v6_syn_recv_sock() where the child socket becomes visible before IPv6 state is initialized, allowing other CPUs to access it and potentially triggering instability. The fix moves the problematic code into t...
CVE-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock()
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
PT-2026-37538
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel within the tcp v6 syn recv sock function. The issue occurs because certain operations are performed after the call to tcp v4 syn recv sock, at...
CVE-2026-31669 mptcp: fix slab-use-after-free in __inet_lookup_established
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...
SUSE CVE-2024-26864
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a "dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished." tried to fix an issue that a...
UBUNTU-CVE-2024-26864
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a "dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished." tried to fix an issue that a...
CVE-2024-26865 rds: tcp: Fix use-after-free of net in reqsk_timer_handler().
In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker warning 1. syzkaller could not find a repro, but in the log, the only...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unconnected socket occupying an ehash entry when a bhash2 allocation fails...
SUSE CVE-2024-26741
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...
CVE-2024-26741
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...
CVE-2024-26741
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...
CVE-2024-26741 dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...
CVE-2024-26741
CVE-2024-26741 concerns the Linux kernel DCCP/TCP path: when a connect() on an unbound socket occurs, the kernel searches for an ephemeral port, may reuse a bucket in ehash, and marks inet_num. If a concurrent allocation then fails for the corresponding bhash2 bucket, the code must revert by chec...
CVE-2024-26741 dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...