58 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: fddi: fixed a Use-after-Free UAF issue in fzaprobe. The fp field is private data of netdev, and it cannot be used after the freenetdev call. Using fp after freenetdev can cause a UAF bug. This issue was fixed by moving the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in freenetdev We do netifnapiadd for all allocated qvectors, but potentially do netifnapidel for part of them, then kfree qvectors and leave invalid pointers at dev-napilist. Reproducer: root@host cat...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: wwan: mhi: fix memory leak in mhimbimdellink MHI driver registers network device without setting the needsfreenetdev flag, and does NOT call freenetdev when unregisters network device, which causes a memory leak. This patch...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: mhi: Fix memory leak in mhinetdellink MHI driver registers network device without setting the needsfreenetdev flag, and does NOT call freenetdev when unregisters network device, which causes a memory leak. This patch calls...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipcwwandellink IOSM driver registers network device without setting the needsfreenetdev flag, and does NOT call freenetdev when unregisters network device, which causes a memory leak. This patc...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkissclose My local syzbot instance hit memory leak in mkissopen1. The problem was in missing freenetdev in mkissclose. In mkissopen netdevice is allocated and then registered, but in mkissclose...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007282)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007282 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dpaa2-eth: fix use-after-free in dpaa2ethremove Access to netdev after freenetdev will cause...
CVE-2026-23273 macvlan: observe an RCU grace period in macvlan_common_newlink() error path
In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlancommonnewlink error path valis reported that a race condition still happens after my prior patch. macvlancommonnewlink might have made @dev visible before detecting an error, and its...
SUSE CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
UBUNTU-CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
CVE-2025-68312
CVE-2025-68312 affects the Linux kernel usbnet subsystem. Root cause: during usbnet probing, usbnet_link_change(dev,0,0) queues a kevent on the global workqueue, which may still be active when the device is unregistered, causing a potential free of an active kevent object. The added fix cancels t...
kernel: idpf: check error for register_netdev() on init
In the Linux kernel, the following vulnerability has been resolved: idpf: check error for registernetdev on init Current init logic ignores the error code from registernetdev, which will cause WARNON on attempt to unregister it, if there was one, and there is no info for the user that the creatio...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990114)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990114 advisory. In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emacremove adpt is netdev private data and it cannot be used after...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990051)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990051 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fddi: fix UAF in fzaprobe fp is netdev private data and it cannot be used after freenetdev...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988776)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988776 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkissclose My local syzbot instance hit memory leak in...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989167)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989167 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ecbhfremove static void ecbhfremovestruct pcidev...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988963)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988963 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlanremoveone priv is netdev private data and it cannot be used after...
CVE-2025-39956
In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igcprobe on LED setup error When igcledsetup fails, igcprobe fails and triggers kernel panic in freenetdev since unregisternetdev is not called. 1 This behavior can be tested using fault-injection framework,...