139 matches found
OESA-2026-2076 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011081)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011081 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqskfastopenremove in tcpconnrequest. syzbot reported the splat below in...
CVE-2026-39418
CVE-2026-39418 MaxKB is affected in versions ≤ 2.7.1 where the sandbox’s network protection can be bypassed. An authenticated user with tool-editing permissions can reach internal services blocked by the sandbox by using socket.sendto() with the MSG_FASTOPEN flag. MaxKB’s sandbox relies on LD_PRE...
SUSE-SU-2026:20558-1 Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue The following security issue was fixed: - CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest bsc1253439...
SUSE-SU-2026:0543-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.33 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: TCP: Use dstdevrcu in tcpfastopenactivedisableofocheck. Use RCU to avoid a pair of atomic operations and a potential UAF on dstdev-flags...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In tcpconnrequest, do not call reqskfastopenremove. The syzbot reported the following issue in tcpconnrequest: 0 If a listener is closed while a TFO socket is being processed in tcpconnrequest, inetcskreqskqueueadd does not set...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the tcpdisconnect function, the tcpsksk-fastopenrsk field was not cleared. The syzbot reported that a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. The syzbot reused the server-side TCP Fast Open socket as a new...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the presence of a null pointer dereference during fast open early fallback, which could lead to a null pointer...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability
A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...