15 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy; otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...
Linux Distros Unpatched Vulnerability : CVE-2026-31579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. Th...
Azure Linux 3.0 Security Update: kernel (CVE-2024-44991)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44991 advisory. - In the Linux kernel, the following vulnerability has been resolved: tcp: prevent concurrent execution of...
AZL-74360 CVE-2025-68768 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...
CVE-2025-68768
In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...
UBUNTU-CVE-2025-68768
In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...
CVE-2025-68768 inet: frags: flush pending skbs in fqdir_pre_exit()
In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990529)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990529 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-380000)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380000 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387628)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387628 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before...
AZL-51365 CVE-2024-50036 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...
DEBIAN-CVE-2024-44991
In the Linux kernel, the following vulnerability has been resolved: tcp: prevent concurrent execution of tcpskexitbatch Its possible that two threads call tcpskexitbatch concurrently, once from the cleanupnet workqueue, once from a task that failed to clone a new netns. In the latter case, error...
SUSE CVE-2022-48935
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
DEBIAN-CVE-2022-48935
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
kernel: tcp: properly terminate timers for kernel sockets
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...