Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net:cpswnew: The ndosetrxmode callback is executed within a work queue. Commit 1767bb2d47b7 “ipv6: mcast: Do not hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP.” removed the RTNL lock for these operations. However, this chang...

FreeBSD Security Advisory - FreeBSD-SA-26:29.ip6_multicast

FreeBSD Security Advisory - The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to fre...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ip6mr: Fixed the UAF issue in ip6mrskDone, where a invalid pointer access occurred when addrconfinitnet failed. If the initialization fails during the call to addrconfinitnet, devconfall is a pointer that has been released...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...

K000160221: Linux kernel vulnerability CVE-2025-38550

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc-idev in mlddeldelrec pmc-idev is still used in ip6mcclearsrc, so as mldcleardelrec does, the reference should be put after ip6mcclearsrc return. CVE-2025-38550 Impact There...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005512)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005512 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6mcdown at most once There are two reasons for addrconfnotify to be...

Server-side Request Forgery (SSRF)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the SSRF IP classification. An attacker can access unintended network resources by supplying IPv6 multicast addresses that bypass address classificati...

OpenClaw has a IPv6 multicast SSRF classifier bypass

Summary OpenClaw's SSRF IP classifier did not treat IPv6 multicast literals ff00::/8 as blocked/private-internal. This allowed literal multicast hosts to pass SSRF preflight checks. Impact A bypass in address classification existed for IPv6 multicast literals. OpenClaw's network fetch/navigation...

SUSE CVE-2026-23175

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

UBUNTU-CVE-2026-23203

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

CVE-2026-23175 net: cpsw: Execute ndo_set_rx_mode callback in a work queue

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

PT-2026-8211

In the Linux kernel, the following vulnerability has been resolved: net: cpsw new: Execute ndo set rx mode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6 ADD MEMBERSHIP and MCAST JOIN GROUP." removed the RTNL lock for IPV6 ADD MEMBERSHIP and MCAST JOIN GROUP...

Linux Distros Unpatched Vulnerability : CVE-2026-23175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP. removed the...

CLSA-2026-1768669128 kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003128)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003128 advisory. An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land an...

UBUNTU-CVE-2025-71098

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

MiracleLinux 9 : kernel-5.14.0-570.44.1.el9_6 (AXSA:2025-10900:71)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10900:71 advisory. kernel: ipv6: mcast: Delay put pmc-idev in mlddeldelrec CVE-2025-38550 Tenable has extracted the preceding description block directly from the MiracleLinux...

RHEL 8 : kernel (RHSA-2025:23463)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23463 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ethtool: check device is...

RHEL 8 : kernel (RHSA-2025:14985)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14985 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: mcast: extend RCU...