Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/ipv6: avoided a possible Use After Free UAF in ip6routempathnotify syzbot discovered another use-after-free in ip6routempath Notify. 1 The commit f7225172f25a “net/ipv6: prevent use after free in ip6routempath Notify” fail...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001890)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001890 advisory. The ip6routeadd function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to caus...

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651...

kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()

A use-after-free flaw was found in ip6routempathnotify in the Linux kernel. This may lead to a crash...

CLSA-2024-1722533082 kernel: Fix of 47 CVEs

afunix: Fix garbage collector racing against connect CVE-2024-26923 - netfilter: nftlimit: reject configurations that cause integer overflow CVE-2024-26668 - libbpf: Fix use-after-free in btfdumpnamedups CVE-2022-3534 - bpf: Fix partial dynptr stack slot reads/writes CVE-2023-39191 - ima: Fix...

kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()

A use-after-free flaw was found in ip6routempathnotify in the Linux kernel. This may lead to a crash...

SUSE-SU-2024:2205-1 Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005539 fixes several issues. The following security issues were fixed: - CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event bsc1218259. - CVE-2024-26852: Fixed use-after-free in ip6routempathnotify...

SUSE-SU-2024:2202-1 Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122186 fixes several issues. The following security issues were fixed: - CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets bsc1220537. - CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsyst...

SUSE CVE-2024-26852

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6routempathnotify syzbot found another use-after-free in ip6routempathnotify 1 Commit f7225172f25a "net/ipv6: prevent use after free in ip6routempathnotify" was not able to fix the root cause. We...

DEBIAN-CVE-2024-26852

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6routempathnotify syzbot found another use-after-free in ip6routempathnotify 1 Commit f7225172f25a "net/ipv6: prevent use after free in ip6routempathnotify" was not able to fix the root cause. We...

PT-2022-36238 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.78 Description: The issue is related to a warning in the ip6 route net exit late function. The actual impact and attack plausibility have not yet been proven. It was introduced in version v2.6.26 and fixed...

UBUNTU-CVE-2014-2309

The ip6routeadd function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service memory consumption via a flood of ICMPv6 Router Advertisement packets...