kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

CVE-2026-42457 vCluster Platform: Stored XSS can lead to privilege escalation

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external...

CVE-2026-42457

Affected software: vCluster Platform. Component/issue: Stored XSS via the name field of a templateRef (root cause: stored XSS in templateRef name). Impact: could lead to arbitrary script execution in the platform’s browser context and, in the worst case, privilege escalation by creating a new Glo...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

Astra Linux - уязвимость в linux, linux-5.10

In the net/netfilter/nftablesapi.c file within the Linux kernel, up to version 5.18.1, it is possible for a local user who can create user/net namespaces to escalate privileges to root. This occurs because an incorrect NFTSTATEFULEXPR check leads to a use-after-free vulnerability...

CVE-2025-71066

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

CVE-2025-71066

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

UBUNTU-CVE-2025-71066

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

PT-2026-2587

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a race condition within the ets qdisc change function related to the handling of Quality of Service QoS classes. This condition can lead to a Use-After-Free UAF...

CVE-2025-14986

When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWorkflowExecutionRequest using its Namespace field rather than the outer, authorized ExecuteMultiOperationRequest.Namespace. This allows a caller authoriz...

CVE-2022-50748 ipc: mqueue: fix possible memory leak in init_mqueue_fs()

In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 "ipc: Free mqsysctls if ipc namespace creation failed" Here's a similar memory leak to the one fixed by the patch above. retiremqsysctls need to be called...

PT-2025-53146

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the nfqnl nf hook drop function. This occurs when the ops init interface fails during net initialization, leading to an invalid...

PT-2025-53114

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the init mqueue fs function within the message queue subsystem of the Linux kernel. The issue occurs when init mqueue fs fails after setup mq sysctls, and retire ...

EUVD-2023-27568

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unreleased percpu counter block on the wrong path when creating a new network namespace, which could lead...

CVE-2023-23468

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500...

CVE-2024-53175

In the Linux kernel, the following vulnerability has been resolved: ipc: fix memleak if msginitns failed in createipcns Percpu memory allocation may failed during createipcns however this fail is not handled properly since ipc sysctls and mq sysctls is not released properly. Fix this by release...

CVE-2024-53175 ipc: fix memleak if msg_init_ns failed in create_ipc_ns

In the Linux kernel, the following vulnerability has been resolved: ipc: fix memleak if msginitns failed in createipcns Percpu memory allocation may failed during createipcns however this fail is not handled properly since ipc sysctls and mq sysctls is not released properly. Fix this by release...

kernel: nfsd: initialise nfsd_info.mutex early.

In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatsstart immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly...

DEBIAN-CVE-2024-42078

In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatsstart immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly...