603 matches found
EUVD-2026-27590
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrmmigratepolicyfind syzkaller reported a memory leak in xfrmpolicyalloc: BUG: memory leak unreferenced object 0xffff888114d79000 size 1024: comm "syz.1.17", pid 931 ... xfrmpolicyalloc+0xb3/0x4b0...
EUVD-2026-27586
In the Linux kernel, the following vulnerability has been resolved: net: afkey: zero aligned sockaddr tail in PFKEY exports PFKEY export paths use pfkeysockaddrsize when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, pfkeysockaddrfill initializes only th...
CVE-2026-43090
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrmmigratepolicyfind syzkaller reported a memory leak in xfrmpolicyalloc: BUG: memory leak unreferenced object 0xffff888114d79000 size 1024: comm "syz.1.17", pid 931 ... xfrmpolicyalloc+0xb3/0x4b0...
CVE-2026-43090
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrmmigratepolicyfind syzkaller reported a memory leak in xfrmpolicyalloc: BUG: memory leak unreferenced object 0xffff888114d79000 size 1024: comm "syz.1.17", pid 931 ... xfrmpolicyalloc+0xb3/0x4b0...
CVE-2026-43090
CVE-2026-43090 concerns a Linux kernel memory-leak in the XFRM subsystem. The root cause is a double call to xfrm_pol_hold_rcu() inside xfrm_migrate_policy_find(), even though the lookup function already returns a policy with a held reference. This leads to a refcount imbalance and memory leak of...
CVE-2026-43090
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrmmigratepolicyfind syzkaller reported a memory leak in xfrmpolicyalloc: BUG: memory leak unreferenced object 0xffff888114d79000 size 1024: comm "syz.1.17", pid 931 ... xfrmpolicyalloc+0xb3/0x4b0...
CVE-2026-43090 xfrm: fix refcount leak in xfrm_migrate_policy_find
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrmmigratepolicyfind syzkaller reported a memory leak in xfrmpolicyalloc: BUG: memory leak unreferenced object 0xffff888114d79000 size 1024: comm "syz.1.17", pid 931 ... xfrmpolicyalloc+0xb3/0x4b0...
CVE-2026-43088
In the Linux kernel, the following vulnerability has been resolved: net: afkey: zero aligned sockaddr tail in PFKEY exports PFKEY export paths use pfkeysockaddrsize when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, pfkeysockaddrfill initializes only th...
CVE-2026-43088 net: af_key: zero aligned sockaddr tail in PF_KEY exports
In the Linux kernel, the following vulnerability has been resolved: net: afkey: zero aligned sockaddr tail in PFKEY exports PFKEY export paths use pfkeysockaddrsize when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, pfkeysockaddrfill initializes only th...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the repeated invocation of xfrmpolholdrcu in the xfrmmigratepolicyfind function, leading to an...
PT-2026-37400
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Linux kernel due to a reference count imbalance. The issue occurs within the xfrm migrate policy find function, which performs a double call to the xfrm pol...
PT-2026-37398
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the PF KEY export paths where pfkey sockaddr size is used to reserve sockaddr payload space, resulting in IPv6 addresses occupying 32 bytes. However, the pfkey sockadd...
CVE-2026-31734
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...
Fedora 44 : roundcubemail (2026-6d293b6889)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6d293b6889 advisory. Version 1.7-rc6 This is hopefully the last release candidate for the next major version 1.7 of Roundcube Webmail. It provides a fix to recently...
SUSE CVE-2026-31515
In the Linux kernel, the following vulnerability has been resolved: afkey: validate families in pfkeysendmigrate syzbot was able to trigger a crash in skbput 1 Issue is that pfkeysendmigrate does not check old/new families, and that setipsecrequest @family argument was truncated, thus possibly...
CVE-2026-31515
A flaw was found in the Linux kernel. The pfkeysendmigrate function, which manages security associations, does not properly validate address families. This oversight can lead to an overfill of the socket buffer skb, a data structure used for network packets, when processing certain requests. A...
CVE-2026-31515
In the Linux kernel, the following vulnerability has been resolved: afkey: validate families in pfkeysendmigrate syzbot was able to trigger a crash in skbput 1 Issue is that pfkeysendmigrate does not check old/new families, and that setipsecrequest @family argument was truncated, thus possibly...
CVE-2026-31515
CVE-2026-31515 affects the Linux kernel and is resolved by validating address families in pfkey_send_migrate(); the flaw allowed overfilling the skb when processing requests due to truncation of the @family argument in set_ipsecrequest. SYZBOT demonstrated a crash in skb_put(), leading to a kerne...
CVE-2026-31515 af_key: validate families in pfkey_send_migrate()
In the Linux kernel, the following vulnerability has been resolved: afkey: validate families in pfkeysendmigrate syzbot was able to trigger a crash in skbput 1 Issue is that pfkeysendmigrate does not check old/new families, and that setipsecrequest @family argument was truncated, thus possibly...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the address family in the pfkeysendmigrate function. This vulnerabili...