Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a potential “struct net” leak in inet6rtmgetaddr. It appears that if the user space provides a correct IFATARGETNETNSID value, but no IFAADDRESS or IFALOCAL attributes are set, inet6rtmgetaddr will return -EINVAL, alo...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021571 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006936)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006936 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential struct net leak in inet6rtmgetaddr It seems that if userspace provides a...

EUVD-2026-21085

An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...

CVE-2026-33773 Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied

An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006772)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006772 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential struct net leak in inet6rtmgetaddr It seems that if userspace provides a...

CVE-2026-25833

CVE-2026-25833 affects Mbed TLS; a buffer overflow exists in the x509_inet_pton_ipv6() function. Vulnerable versions are 3.5.0–3.6.5. The issue is fixed in 3.6.6 and in 4.1.0. Remediate by upgrading to one of these fixed releases. No exploitation details are provided in the available documents.

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer bsc1254842. CVE-2025-40259: scsi: sg: Do not sleep in atomic context bsc1254845. CVE-2025-68284: libceph: prevent...

SUSE-SU-2026:0471-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer bsc1254842. - CVE-2025-40259: scsi: sg: Do not sleep in atomic context bsc1254845. - CVE-2025-68284: libceph:...

UBUNTU-CVE-2026-23010

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6addrdel. syzbot reported use-after-free of inet6ifaddr in inet6addrdel. 0 The cited commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary addresses in...

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-56600)

net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the dangling sk pointer, which may cause use-after-free later. Clear the soc...

Linux Distros Unpatched Vulnerability : CVE-2023-53477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation In function rt6nlmsgsize, the length of nexthop is calculated by multipling the nexthop...

SUSE CVE-2025-38638

In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6rtnotify inet6rtnotify can be called under RCU protection only. This means the route could be changed concurrently and rt6fillnode could return -EMSGSIZE. Re-size the skb when this happens and retry...

CVE-2025-38638 ipv6: add a retry logic in net6_rt_notify()

In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6rtnotify inet6rtnotify can be called under RCU protection only. This means the route could be changed concurrently and rt6fillnode could return -EMSGSIZE. Re-size the skb when this happens and retry...

SUSE-SU-2025:20341-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008 - CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 - CVE-2024-56600: net: inet6: do not leave a dangling s...

SUSE-SU-2025:20369-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008 - CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 - CVE-2024-56600: net: inet6: do not leave a dangling s...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 CVE-2024-56600: net: inet6: do not leave a dangling sk...

UBUNTU-CVE-2025-37894

In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...

SUSE-SU-2025:20187-1 Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6create bsc1235218. - CVE-2024-57882: mptcp: Fixed TCP options overflow bsc1235916...

Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059188 fixes several issues. The following security issues were fixed: CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check for DH bsc1238790. CVE-2024-56600: net: inet6: do not leave a danglin...