40 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfc: fixed a segfault in nfcgenldumpdevicesdone When kmalloc in nfcgenldumpdevices fails, nfcgenldumpdevicesdone causes a segfault as follows: KASAN: null-ptr-deref in range 0x0000000000000008-0x000000000000000f CPU: 0 PID: 25...
kernel: nbd: defer config unlock in nbd_genl_connect
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...
kernel: nbd: defer config unlock in nbd_genl_connect
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...
kernel: nbd: defer config unlock in nbd_genl_connect
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...
kernel: nbd: defer config unlock in nbd_genl_connect
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...
kernel: nbd: defer config unlock in nbd_genl_connect
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: sr – fixed possible use-after-free and nullptrderef issues. The pernet operations structure for the subsystem must be registered before registering the generic netlink family...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nbd: The function genlunregisterfamily is called first in nbdcleanup. Otherwise, there may be a race between the removal of the module and the handling of the netlink command, which can lead to an oops as shown below: BUG: Kernel...
PT-2026-27686
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk-pm.local addr used == 0 WARNING: net/mptcp/pm kernel.c:1071 at mark subflow en...
CVE-2025-68366
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...
EUVD-2025-203745
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2025-68263
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2022-50651
CVE-2022-50651 relates to the Linux kernel ethtool: eeprom dump path, where a null-deref on genl_info in dump was addressed. The vulnerability resolution references a similar fix in ethtool pse-pd and states that a corresponding patch for ethtool eeprom was needed. Public details consistently des...
CVE-2022-50651
In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fix null-deref on genlinfo in dump The similar fix as commit 46cdedf2a0fa "ethtool: pse-pd: fix null-deref on genlinfo in dump" is also needed for ethtool eeprom...
CVE-2022-50651 ethtool: eeprom: fix null-deref on genl_info in dump
In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fix null-deref on genlinfo in dump The similar fix as commit 46cdedf2a0fa "ethtool: pse-pd: fix null-deref on genlinfo in dump" is also needed for ethtool eeprom...
PT-2025-49631
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ethtool component related to handling eeprom data. Specifically, a null dereference can occur on genl info during a dump operation. This issue is...
PT-2025-52902
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the nbd genl connect function. This occurs when handling NBD CMD CONNECT and NBD CLEAR SOCK operations, specifically related to th...
CVE-2023-53298
In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of seio context in nfcgenlseio The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfcgenlseio and supposed to be eventually freed in seiocb callback...