34 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nfc: fixed a segfault in nfcgenldumpdevicesdone When kmalloc in nfcgenldumpdevices fails, nfcgenldumpdevicesdone causes a segfault as follows: KASAN: null-ptr-deref in range 0x0000000000000008-0x000000000000000f CPU: 0 PID: 25...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: sr – fixed possible use-after-free and nullptrderef issues. The pernet operations structure for the subsystem must be registered before registering the generic netlink family...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nbd: The function genlunregisterfamily is called first in nbdcleanup. Otherwise, there may be a race between the removal of the module and the handling of the netlink command, which can lead to an oops as shown below: BUG: Kernel...
PT-2026-27686
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk-pm.local addr used == 0 WARNING: net/mptcp/pm kernel.c:1071 at mark subflow en...
CVE-2025-68366
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...
EUVD-2025-203745
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2025-68263
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
CVE-2022-50651 ethtool: eeprom: fix null-deref on genl_info in dump
In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fix null-deref on genlinfo in dump The similar fix as commit 46cdedf2a0fa "ethtool: pse-pd: fix null-deref on genlinfo in dump" is also needed for ethtool eeprom...
CVE-2022-50651
In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fix null-deref on genlinfo in dump The similar fix as commit 46cdedf2a0fa "ethtool: pse-pd: fix null-deref on genlinfo in dump" is also needed for ethtool eeprom...
CVE-2022-50651
CVE-2022-50651 relates to the Linux kernel ethtool: eeprom dump path, where a null-deref on genl_info in dump was addressed. The vulnerability resolution references a similar fix in ethtool pse-pd and states that a corresponding patch for ethtool eeprom was needed. Public details consistently des...
PT-2025-49631
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ethtool component related to handling eeprom data. Specifically, a null dereference can occur on genl info during a dump operation. This issue is...
PT-2025-52902
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the nbd genl connect function. This occurs when handling NBD CMD CONNECT and NBD CLEAR SOCK operations, specifically related to th...
CVE-2023-53298
In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of seio context in nfcgenlseio The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfcgenlseio and supposed to be eventually freed in seiocb callback...
nbd: fix uaf in nbd_genl_connect() error path
...
CVE-2022-50042
In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlinkpolicydumpaddpolicy itself also needs fixing as it currently gives u...
CVE-2025-21840 thermal/netlink: Prevent userspace segmentation fault by adjusting UAPI header
In the Linux kernel, the following vulnerability has been resolved: thermal/netlink: Prevent userspace segmentation fault by adjusting UAPI header The intel-lpmd tool 1, which uses the THERMALGENLATTRCPUCAPABILITY attribute to receive HFI events from kernel space, encounters a segmentation fault...
CVE-2022-49295 nbd: call genl_unregister_family() first in nbd_cleanup()
In the Linux kernel, the following vulnerability has been resolved: nbd: call genlunregisterfamily first in nbdcleanup Otherwise there may be race between module removal and the handling of netlink command, which can lead to the oops as shown below: BUG: kernel NULL pointer dereference, address:...
UBUNTU-CVE-2025-21659
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...