603 matches found
EUVD-2026-5916
In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...
CVE-2026-23120
In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...
CVE-2026-23120
Technical details for CVE-2026-23120 are not provided in the connected documents. The Initial Description summarizes the race but does not specify affected products or fixes. Monitor vendor advisories for concrete remediation guidance.
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the data competition between l2tptunneldelwork and sk-sksocket in l2tp, potentially leading to...
SUSE CVE-2026-23072
In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...
UBUNTU-CVE-2026-23072
In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...
CVE-2026-23072
In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...
CVE-2026-23072
CVE-2026-23072: Linux kernel l2tp memleak in l2tp_udp_encap_recv() fixed by adding proper error handling after protocol version validation; the patch ensures l2tp_session_put() is called to avoid leaking objects (l2tp_session, l2tp_tunnel, sock). References indicate the commit addresses a memory‑...
EUVD-2026-5472
In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...
Linux Distros Unpatched Vulnerability : CVE-2026-23072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004132)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004132 advisory. In pppol2tpcreate of l2tpppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004247)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004247 advisory. In l2tpsessiondelete and related functions of l2tpcore.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privile...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001635)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001635 advisory. In l2tpsessiondelete and related functions of l2tpcore.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privile...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003835)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003835 advisory. In l2tpsessiondelete and related functions of l2tpcore.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privile...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004244 advisory. In the l2tp subsystem, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004034)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004034 advisory. In the l2tp subsystem, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges...
MiracleLinux 7 : kernel-3.10.0-1062.el7 (AXSA:2019-4338:05)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4338:05 advisory. Kernel: vhostnet: infinite loop while receiving packets leads to DoS CVE-2019-3900 Kernel: page cache side channel attacks CVE-2019-5489 kernel:...
NetworkManager-applet-l2tp-1.52.0-1.1 on GA media (moderate)
NetworkManager-applet-l2tp-1.52.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10051-1 Rating: moderate Cross-References: CVE-2025-9615 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2026:10051-1 NetworkManager-applet-l2tp-1.52.0-1.1 on GA media
These are all security issues fixed in the NetworkManager-applet-l2tp-1.52.0-1.1 package on the GA media of openSUSE Tumbleweed...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002205)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002205 advisory. The l2tpiprecvmsg function in net/l2tp/l2tpip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure ha...