EUVD-2026-39282

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash – fixed the double-free in hashaccept. If the accept2 function is called on the algifhash socket type with the MSGMORE flag set, and the cryptoahashimport fails, sk2 is freed. However, it is also freed in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: TLS – Fix for the WARNING message when using skmsgfree. A splice operation with MSGSPLICEPAGES causes the TLS sendmsg code to use the tlsswsendmsgsplice path to move the user-provided pages from the msg buffer to the msgpl...

VulnCheck KEV: CVE-2009-2698

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

kernel: crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

AZL-64007 CVE-2025-38079 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

DEBIAN-CVE-2025-38079

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

CVE-2025-38079 crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

SUSE CVE-2024-35841

In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in skmsgfree A splice with MSGSPLICEPAGES will cause tls code to use the tlsswsendmsgsplice path in the TLS sendmsg code to move the user provided pages from the msg into the msgpl. This will loop over the...

DEBIAN-CVE-2024-35841

In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in skmsgfree A splice with MSGSPLICEPAGES will cause tls code to use the tlsswsendmsgsplice path in the TLS sendmsg code to move the user provided pages from the msg into the msgpl. This will loop over the...

UBUNTU-CVE-2024-35841

In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in skmsgfree A splice with MSGSPLICEPAGES will cause tls code to use the tlsswsendmsgsplice path in the TLS sendmsg code to move the user provided pages from the msg into the msgpl. This will loop over the...

DEBIAN-CVE-2023-52527

In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in ip,6appenddata Including the transhdrlen in length is a problem when the packet is partially filled e.g. something like sendMSGMORE happened previously when appending to an IPv4 or IPv6...

SUSE CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

kernel: Exploitable memory corruption due to UFO to non-UFO path switch

An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ipufoappenddata when building an UFO packet with MSGMORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privilege...

PT-2017-10816 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: The issue is related to a memory corruption vulnerability due to a UFO to non-UFO path switch. This occurs when building a UFO packet with MSG MORE, and the append path can be...

UBUNTU-CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...