CVE-2026-31639 rxrpc: Fix key reference count leak from call->key

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

OESA-2025-2294 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVE-2025-5351 Libssh: double free vulnerability in libssh key export functions

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

CVE-2025-21893 keys: Fix UAF in key_put()

In the Linux kernel, the following vulnerability has been resolved: keys: Fix UAF in keyput Once a key's reference count has been reduced to 0, the garbage collector thread may destroy it at any time and so keyput is not allowed to touch the key after that point. The most keyput is normally allow...

kernel: wifi: mac80211: fix potential key use-after-free

A use-after-free flaw was found in the Linux kernel’s IEEE 802.11 networking stack implementation functionality, used by Wifi, in how a user triggers the error path of the ieee80211gtkrekeyadd function. This flaw allows a local user to crash the system...