RockyLinux 8 : kernel (RLSA-2025:11455)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11455 advisory. kernel: tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 kernel: net: ch9200: fix uninitialised access during miinwayrestart...

CVE-2025-38463 tcp: Correct signedness in skb remaining space calculation

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 kernel: net: ch9200: fix uninitialised access during miinwayrestart CVE-2025-38086 For more details about the security...

CVE-2022-49630

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49598 tcp: Fix data-races around sysctl_tcp_mtu_probing.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmtuprobing. While reading sysctltcpmtuprobing, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49587 tcp: Fix a data-race around sysctl_tcp_notsent_lowat.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpnotsentlowat. While reading sysctltcpnotsentlowat, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49204 bpf, sockmap: Fix more uncharged while msg has more_data

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more data after tcpbpfsendmsgredir: tcpbpfsendverdict tosend = msg-sg.size //msg-sg.size = 22220 case SKREDIRECT: skmsgreturn //uncharged...

CVE-2024-54680

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix TCP timers deadlock after rmmod Commit ef7134c7fc48 "smb: client: Fix use-after-free of network namespace." fixed a netns UAF by manually enabled socket refcounting sk-sknetrefcnt=1 and sockinuseaddnet, 1. The...

SUSE CVE-2024-53206

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsktimerhandler. The cited commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Then, oreq should be passed to reqskput instead of req;...

AZL-52987 CVE-2024-50154 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a bpf prog attached to tracetcpretransmitsynack. The program passes th...

kernel: tcp_metrics: validate source addr length

A vulnerability was found in the Linux kernel's tcpmetrics.c, where insufficient validation of the length of the source address for TCP metrics could lead to incorrect memory read out of boundary read...

CVE-2024-26864

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a "dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished." tried to fix an issue that a...

CVE-2024-26864

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a "dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished." tried to fix an issue that a...

CVE-2024-26640

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....

CVE-2022-32296

The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 "Double-Hash Port Selection Algorithm" of RFC 6056...

KLA11586 Linux Kernel TCP SACK Denial of Service Vulnerability

Various vulnerabilities was found in Linux Kernel. Microsoft adresses the various effects of these vulnerabilities and provides links to more information: 1. If you are running a Linux kernel in your Azure environment, you should contact the provider of that Linux kernel to understand their...