Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed issues related to locking and validity checks for isoconn. sk-skstate indicates whether isopisk-conn is valid. Operations that check or update skstate and access conn should hold locksock; otherwise, they...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

The dotlsgetsockopt function in net/tls/tlsmain.c in the Linux kernel, up to version 6.2.6, lacks a locksock call, resulting in a race condition. This can lead to a use-after-free issue or a NULL pointer dereferencing...

CVE-2026-46137

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...

CVE-2026-46137

CVE-2026-46137 affects the Linux kernel MPTCP implementation. The mptcp_pm_add_timer() helper runs as a timer callback in softirq context and can race with socket state unless the socket lock is held with bh_lock_sock(). The mitigation is to hold the lock and retry if the socket is in use, mirror...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001739 advisory. In locksocknested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution...

CVE-2023-54142

CVE-2023-54142 affects the Linux kernel gtp: use-after-free in __gtp_encap_destroy(). The issue arises when releasing a socket with sk_user_data after the final reference is dropped, leading to use-after-free as reported by syzkaller. A patch (commit e198987e7dd7) titled “gtp: fix suspicious RCU ...

CVE-2025-39860 Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2capsockcleanuplisten syzbot reported the splat below without a repro. In the splat, a single thread calling btacceptdequeue freed sk and touched it after that. The root cause would be the racy...

Linux Distros Unpatched Vulnerability : CVE-2025-38546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes...

CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

AZL-66344 CVE-2025-38546 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

UBUNTU-CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

UBUNTU-CVE-2021-46929

In the Linux kernel, the following vulnerability has been resolved: sctp: use callrcu to free endpoint This patch is to delay the endpoint free by calling callrcu to fix another use-after-free issue in sctpsockdump: BUG: KASAN: use-after-free in lockacquire+0x36d9/0x4c20 Call Trace:...

Important: kernel-livepatch-4.14.314-237.533

Issue Overview: dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference. CVE-2023-28466 Affected Packages: kernel-livepatch-4.14.314-237.533 Issue Correction: Please ensur...

UBUNTU-CVE-2023-28466

dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...

The vulnerability of the lock_sock_nested() function in Android operating system kernels, which allows a malicious actor to exploit their privileges

The vulnerability of the locksocknested function in Android operating system kernels is related to the use of memory after it is freed due to improper synchronization of the general resource. Exploiting this vulnerability can allow an attacker to enhance their privileges...

SUSE-SU-2022:2482-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040022 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2422-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2422-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in...

CVE-2022-20154

In locksocknested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

PT-2021-7274 · Google +2 · Android Kernel +2

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to the use of memory after it has been freed in the lock sock nested function of the Android kernel due to a race condition caused by incorrect...