11 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001723)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001723 advisory. do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition with a resultant use-after-free or NULL...
CVE-2023-54164 Bluetooth: ISO: fix iso_conn related locking and validity issues
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues. sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should hold lock_sock, otherwise they can race. The order of...
SUSE CVE-2023-54142
In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in __gtp_encap_destroy(). syzkaller reported use-after-free in __gtp_encap_destroy(). [0] It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 ("gtp: fix suspicious RCU usage") added lock_sock a...
CVE-2021-46929
In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint. This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9/0x4c20 Call Trace:...
Rocky Linux 8 : kernel (RLSA-2023:3847)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3847 advisory. - do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition with a resultant use-after-free or NU...
Oracle Linux 8 : kernel (ELSA-2023-3847)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3847 advisory. - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() (Hangyu Hua) {CVE-2023-28466} Tenable has extracted the preceding...
Race condition
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...
Linux kernel code issue vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in Linux kernel version 6.2.6 and earlier versions, which stems from a missing lock_sock call in the do_tls_getsockopt function in...
CVE-2023-28466
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...
Kernel update: Virtuozzo ReadyKernel patch 58.0 for Virtuozzo 7.0.8
The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernel 3.10.0-862.9.1.vz7.63.3 7.0.8. Vulnerability id: PSBM-87858 Haproxy processes were getting stuck in D state in lock_sock. Vulnerability id: PSBM-87877 It was found that rpcgethdr function...
Linux af_packet.c race condition (local root) (CVE-2016-8655)
To create AF_PACKET sockets you need CAP_NET_RAW in your network namespace, which can be acquired by unprivileged processes on systems where unprivileged namespaces are enabled (Ubuntu, Fedora, etc.). It can be triggered from within containers to compromise the host kernel. On Android, processes with...