43 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger a lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in notifiers is problematic, so we skip adding the lapbeth...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bonding: The device was stopped in bondsetupbyslave. The commit 9eed321cde22 "net: lapbether: only support Ethernet devices" was able to keep syzbot away from net/lapb until today. In the following issue 1, a lapbether device...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021602)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021602 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...
SUSE CVE-2026-43103
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEVPRETYPECHANGE lapbethdatatransmit expects the underlying device type to be ARPHRDETHER. Returning NOTIFYBAD from lapbethdeviceevent makes sure bonding driver can not break this expectation...
CVE-2026-43103
A flaw was found in the Linux kernel's lapbether network driver. This vulnerability occurs because the lapbethdatatransmit function expects a specific underlying device type, and without proper handling of network device type changes, this expectation can be violated. This could lead to unexpecte...
EUVD-2026-27616
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEVPRETYPECHANGE lapbethdatatransmit expects the underlying device type to be ARPHRDETHER. Returning NOTIFYBAD from lapbethdeviceevent makes sure bonding driver can not break this expectation...
CVE-2026-43103
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEVPRETYPECHANGE lapbethdatatransmit expects the underlying device type to be ARPHRDETHER. Returning NOTIFYBAD from lapbethdeviceevent makes sure bonding driver can not break this expectation...
PT-2026-37413
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the lapbether network driver where the lapbeth data transmit function expects the underlying device type to be ARPHRD ETHER. The issue is addressed by returning NOTIFY B...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989888)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989888 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988806 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...
EUVD-2025-29058
Malicious code in bioql PyPI...
EUVD-2025-12923
Malicious code in bioql PyPI...
CVE-2025-39796
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
SUSE CVE-2025-39796
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
CVE-2025-39796
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
DEBIAN-CVE-2025-39796
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
UBUNTU-CVE-2025-39796
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
CVE-2025-39796
CVE-2025-39796 affects the Linux kernel (net: lapbether: ignore ops-locked netdevs). According to connected sources, Syzkaller-triggered lock dependency via xsk_notify and register_netdevice could occur for notifier chains, with the fix skipping lapbeth for ops-locked devices to break the depende...
CVE-2025-39796 net: lapbether: ignore ops-locked netdevs
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
CVE-2025-39796 net: lapbether: ignore ops-locked netdevs
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...