59 matches found
UBUNTU-CVE-2026-52925
In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...
CVE-2026-52925
The CVE-2026-52925 entry relates to the Linux kernel VRF handling. The vulnerability arose from a race where an RCU reader identifying a net device as a VRF port could dereference l3mdev operations of a master device (e.g., a bridge) after netdev_master_upper_dev_get_rcu() returned it as a VRF de...
Linux Distros Unpatched Vulnerability : CVE-2026-52925
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent ca...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: raw: Fixed a data race around sysctlrawl3mdevaccept. When reading sysctlrawl3mdevaccept, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: vrf: Use RCU protection in l3mdevl3out. l3mdevl3out can be called without RCU being held: rawsendmsg ippushpendingframes ipsendskb iplocalout iplocalout l3mdevipout Add rcureadlock / rcureadunlock pairs to avoid a potential...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: udp: Fixed a data race around the sysctludpl3mdevaccept function. When reading sysctludpl3mdevaccept, it can be changed concurrently. Therefore, we need to add a READONCE call to its reader function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpl3mdevaccept. When reading sysctltcpl3mdevaccept, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: A suspicious RCU usage warning was fixed in iptunnelinitflow. There are code paths where the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. The issue was fixed...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006636 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006580)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006580 advisory. In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be...
kernel: vrf: use RCU protection in l3mdev_l3_out()
A use-after-free vulnerability was found in the Linux kernel. l3mdevl3out can be called without RCU being held, causing damage to the availability of the system...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005174)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005174 advisory. In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdevl3out l3mdevl3out can be called without RCU being held: rawsendm...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, there is a fix for a NULL pointer dereference in l3mdevl3rcv. When deleting an l3s ipvlan: ip link del link eth0 ipvlan1 type ipvlan mode l3s This may lead to a NULL pointer dereference. Call trace:...
kernel: vrf: use RCU protection in l3mdev_l3_out()
A use-after-free vulnerability was found in the Linux kernel. l3mdevl3out can be called without RCU being held, causing damage to the availability of the system...
kernel: vrf: use RCU protection in l3mdev_l3_out()
A use-after-free vulnerability was found in the Linux kernel. l3mdevl3out can be called without RCU being held, causing damage to the availability of the system...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989501)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989501 advisory. In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988830)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988830 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989905)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989905 advisory. In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be...
SUSE SLES15 Security Update : kernel (Live Patch 23 for SLE 15 SP5) (SUSE-SU-2025:03555-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03555-1 advisory. This update for the Linux Kernel 5.14.21-1505005594 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc:...
SUSE SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP5) (SUSE-SU-2025:03553-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03553-1 advisory. This update for the Linux Kernel 5.14.21-1505005580 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc:...