188 matches found
SUSE CVE-2026-53214
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...
CVE-2026-53214
The CVE-2026-53214 entry concerns the Linux kernel IPv6 code. The vulnerability occurs when addrconf_get_prefix_route() can return the fib6_null_entry sentinel, which has a NULL fib6_table pointer. Before setting a route’s expiration time, the code must verify that it is not operating on the fib6...
CVE-2026-53214 ipv6: Fix a potential NPD in cleanup_prefix_route()
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...
CVE-2026-53134
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...
CVE-2026-53134 netfilter: nft_fib: fix stale stack leak via the OIFNAME register
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...
PT-2026-52230
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stale stack leak exists in the netfilter nft fib component. When using the NFT FIB RESULT OIFNAME result type, the destination register is declared with a length of IFNAMSIZ, but certa...
PT-2026-52309
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Null Pointer Dereference NPD can occur in the IPv6 implementation. The function addrconf get prefix route may return a fib6 null entry sentinel entry that contains a NULL fib6 table...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ipv4: A reference count leak was fixed when using error routes with nexthop objects. When a nexthop object is deleted, it is marked as “dead”, and then fibtableFlush is called to flush all routes that use the dead nexthop. The...
CVE-2026-46260
The CVE-2026-46260 entry is supported by multiple connected sources detailing a kernel IPv6 out-of-bounds read when creating an IPv6 route with RTA_NH_ID, due to fib6_info not containing trailing fib6_nh and an unsafe read of iter->fib6_nh. The fix adds a check of iter->nh before dereferenc...
SUSE CVE-2026-46099
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...
CVE-2026-46099
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with seg6 and rpl lwtunnels when handling NOREF dst; these vulnerabilities allow concurren...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ipv4: Prevent potential spectre v1 exploits in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; Since @type is used as an array index, we need to prevent CPU speculation ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Handled attempts to delete multipath routes when fibinfo contains a reference to nh. Gwangun Jung reported a buffer overflow vulnerability in fibnhmatch: fibnhmatch+0xf98/0x1130, linux-6.0-rc7/net/ipv4/fibsemantics.c:961...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a mismatch in the count of ECMP siblings when clearing RTFADDRCONF. The syzbot reported a kernel bug in fib6addrt2node, when adding an IPv6 route. 0 The commit f72514b3c569 "ipv6: Clear RA flags when adding a static...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Check for a NULL idev in iprouteusehint. The syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears that this bug still exists in the latest trees. All calls to indevgetrcu must be...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021618 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006668 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006775)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006775 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of...
SUSE CVE-2026-23316
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...