Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fixed an invalid unregistererrorpath path. The error path of seg6init is incorrect when the CONFIGIPV6SEG6LWTUNNEL configuration option is not defined. In such cases, if seg6hmacinit fails, the genlunregisterfamily...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: genetlink: Fixed the issue where genlbind invokes bind after -EPERM. Callbacks for bind and unbind were introduced to allow systems to track the presence of multicast group consumers. For example, these callbacks can be used to...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: gtp: Fixed use-after-free and null-ptr-deref issues in gtpgenldumppdp. The gtpnetops pernet operations structure for the subsystem must be registered before registering the generic netlink family. Syzkaller reported a “general...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net-shapers: Do not free the reply skb after genlmsgreply. genlmsgreply passes the reply skb to netlink, and netlinkunicast consumes it on all return paths, regardless of whether the skb is successfully queued or freed due to an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fixed the null-dereference on genlinfo in the dump. A similar fix, as described in commit 46cdedf2a0fa “ethtool: pse-pd: fixed the null-dereference on genlinfo in the dump”, is also required for ethtool eeprom...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: thermal-netlink: Prevent userspace segmentation faults by adjusting the UAPI header. The intel-lpmd tool 1, which uses the THERMALGENLATTRCPUCAPABILITY attribute to receive HFI events from the kernel space, encounters a...

ROS-20260313-73-0020

A vulnerability in the nbdgenlconnect function of the nbd component of the Linux operating system kernel is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003615 advisory. An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idralloc fails in genlregisterfamily in net/netlink/genetlink.c. Tenable...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003642 advisory. A NULL pointer dereference vulnerability in the function nfcgenldeactivatetarget in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicio...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000299 advisory. A NULL pointer dereference vulnerability in the function nfcgenldeactivatetarget in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicio...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992189 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of seio context in nfcgenlseio The callback context for sending/receiving...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992243)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992243 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of seio context in nfcgenlseio The callback context for sending/receiving...

CVE-2025-68366

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

CVE-2025-68366 nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improperly configuring the timing of unlocking in nbdgenlconnect, which could lead to reuse after release...