Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: fib6rules: avoided possible NULL dereferencing in fib6ruleaction. syzbot is capable of triggering the following crashes 1, caused by the unsafe use of ip6dstidev. Indeed, ip6dstidev can return NULL, and this value must...

CVE-2026-46260

The CVE-2026-46260 entry is supported by multiple connected sources detailing a kernel IPv6 out-of-bounds read when creating an IPv6 route with RTA_NH_ID, due to fib6_info not containing trailing fib6_nh and an unsafe read of iter->fib6_nh. The fix adds a check of iter->nh before dereferenc...

SUSE CVE-2026-46099

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...

CVE-2026-46099

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with seg6 and rpl lwtunnels when handling NOREF dst; these vulnerabilities allow concurren...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed a mismatch in the count of ECMP siblings when clearing RTFADDRCONF. The syzbot reported a kernel bug in fib6addrt2node, when adding an IPv6 route. 0 The commit f72514b3c569 "ipv6: Clear RA flags when adding a stati...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021618)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021618 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ipv4: A reference count leak was fixed when using error routes with nexthop objects. When a nexthop object is deleted, it is marked as “dead”, and then fibtableFlush is called to flush all routes that use the dead nexthop. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv4: Prevent potential spectre v1 exploits in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; Since @type is used as an array index, we need to prevent CPU speculation ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Handled attempts to delete multipath routes when fibinfo contains a reference to nh. Gwangun Jung reported a buffer overflow vulnerability in fibnhmatch: fibnhmatch+0xf98/0x1130, linux-6.0-rc7/net/ipv4/fibsemantics.c:961...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006668)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006668 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006775)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006775 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of...

SUSE CVE-2026-23316

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

CVE-2026-23300

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop When a standalone IPv6 nexthop object is created with a loopback device e.g., "ip -6 nexthop add id 100 dev lo", fib6nhinit misclassifies it as a reject route...

UBUNTU-CVE-2026-23316

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

CVE-2026-23200

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mismatch when clearing RTFADDRCONF syzbot reported a kernel BUG in fib6addrt2node when adding an IPv6 route. 0 Commit f72514b3c569 "ipv6: clear RA flags when adding a static route" introduced logic to...

CLSA-2026-1769610819 kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56703)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56703 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6selectpath...

ROS-20260121-73-0021

A vulnerability in the fibchecknhv6gw function of the Linux operating system kernel is related to a possible memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of service...