kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

UBUNTU-CVE-2025-38247

In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from userns and mntidmap leaks in opentreeattr...

DEBIAN-CVE-2025-38052

In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipcaeadencryptdone Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free...

USN-7536-2: cifs-utils regression

USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos...

Astra Linux – Vulnerability in runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. Runc versions 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be exploited by creating empty files or directories in arbitrary locations within the host filesystem. This is achieved by sharing a...

CVE-2025-5054

CVE-2025-5054 summary (Mode C) Affected software: Canonical Apport (Linux crash reporter) up to version 2.32.0. Vulnerability: A race condition in Apport’s crash handling logic allows a local attacker to leak sensitive information by abusing PID reuse and namespace/container handling. Specificall...

USN-7536-1: cifs-utils vulnerability

It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos credentials. An attacker could possibly use this issue to obtain sensitive information...

USN-7536-1 cifs-utils vulnerability

It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos credentials. An attacker could possibly use this issue to obtain sensitive information...

containerd 安全漏洞

containerd is an industry-standard container runtime open-sourced by containerd. A security vulnerability exists in containerd versions prior to 2.0.1 through 2.0.5 that stems from not placing user namespace containers under the Kubernetes cgroup hierarchy, which could result in a denial of servi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not cleaning up packets redirected across namespaces, which could lead to information disclosure...

CVE-2025-46836

A flaw was found in net-tools. This vulnerability allows arbitrary code execution or a crash via improper handling of interface labels from /proc/net/dev. Mitigation To mitigate this vulnerability, disable unprivileged user-namespaces sysctl kernel.unprivilegedusernsclone=0 to remove the easiest...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

PT-2025-22220

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue occurs when bpf redirect peer is used to redirect packets to a device in another network namespace, and the packet is not...

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2025-24855: Fixed use-after-free of XPath context node bsc1239625 CVE-2024-55549: Fixed use-after-free related to excluded namespaces bsc1239637 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...

SUSE-SU-2025:1494-1 Security update for libxslt

This update for libxslt fixes the following issues: - CVE-2025-24855: Fixed use-after-free of XPath context node bsc1239625 - CVE-2024-55549: Fixed use-after-free related to excluded namespaces bsc1239637...

CVE-2025-46690

Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request...