Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001555 advisory. net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a...

SUSE CVE-2025-40139

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in in smcclcprfxset. smcclcprfxset is called during connect and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and devdstrcu under rcureadlock after...

EUVD-2025-124944

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in in smcclcprfxset. smcclcprfxset is called during connect and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and devdstrcu under rcureadlock after...

UBUNTU-CVE-2025-40139

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in in smcclcprfxset. smcclcprfxset is called during connect and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and devdstrcu under rcureadlock after...

CVE-2025-40139 smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set().

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in in smcclcprfxset. smcclcprfxset is called during connect and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and devdstrcu under rcureadlock after...

CVE-2023-53643

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: don't access released socket during error recovery While the error recovery work is temporarily failing reconnect attempts, running the 'nvme list' command causes a kernel NULL pointer dereference by calling getsockname...

CVE-2023-53643

CVE-2023-53643 affects the Linux kernel’s nvme-tcp path. When error recovery runs, the nvme TCP socket is released and a new one is created; if a user runs a command like nvme list, it may dereference a released socket via getsockname(), causing a kernel NULL pointer dereference. The issue is tie...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414555 advisory. net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a...

Linux Distros Unpatched Vulnerability : CVE-2021-38208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a...

SUSE CVE-2006-1342

net/ipv4/afinet.c in Linux kernel 2.4 does not clear sockaddrin.sinzero before returning IPv4 socket names from the 1 getsockname, 2 getpeername, and 3 accept functions, which allows local users to obtain portions of potentially sensitive memory...

SUSE CVE-2009-3002

The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...

net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.

...

DEBIAN-CVE-2021-38208

net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a getsockname call after a certain type of failure of a bind call...

AZL-6592 CVE-2021-38208 affecting package kernel for versions less than 5.10.78.1-1

net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a getsockname call after a certain type of failure of a bind call...

UBUNTU-CVE-2021-38208

net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a getsockname call after a certain type of failure of a bind call...

Null pointer dereference

net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a getsockname call after a certain type of failure of a bind call...

Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit

No description provided by source. / cve-2009-3002.c Linux Kernel 2.6.31-rc7 AFIRDA getsockname 29-Byte Stack Disclosure Jon Oberheide [email protected] http://jon.oberheide.org Information: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3002 The Linux kernel before 2.6.31-rc7 does not...

Linux Kernel <= 2.6.30 atalk_getname() 8-bytes Stack Disclosure Exploit

No description provided by source. / appleak.c Linux keunouille = 2.6.30 AppleTalk getsockname 8-bytes kernel stack disclosure http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3d392475c873c10c10d6d96b94d092a34ebd4791 atalkgetname can leak 8 bytes of kernel memory to use...

Linux Kernel <= 2.6.31-rc7 AF_LLC getsockname 5-Byte Stack Disclosure

No description provided by source. / llc-getsockname-leak.c Linux Kernel = 2.6.31-rc7 AFLLC getsockname 5-Byte Stack Disclosure Jon Oberheide [email protected] http://jon.oberheide.org Information: http://git.kernel.org/linus/28e9fc592cb8c7a43e4d3147b38be6032a0e81bc sllcarphrd member of sockaddrl...

Unbreakable Enterprise Kernel security update

kernel-uek 2.6.32-400.33.3uek - afkey: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware Jonathan Salwan Orabug: 17837971 CVE-2013-2164 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook...