SUSE CVE-2026-45930

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...

CVE-2026-45930

A flaw was found in the Linux kernel's Multi-Channel Transport Protocol MCTP networking implementation. When processing a RTMGETNEIGH request, the system may return uninitialized data in the ndmsg pad bytes. This can allow a local attacker to obtain sensitive information from kernel memory, leadi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: Fixed an error handling path in mctpinit. If mctpneighinit returns an error, the route resources should be released during the error handling path. Otherwise, some resources may be leaked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed a use-after-free in the neigh update handler for the encap entry. The function mlx5erepneighupdate was not updated to accommodate the removal of the rtnl lock from the TC filter update path, and it did not...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: rose: Fixed dangling neighbor pointer issues in rosertdevicedown. There are two bugs in rosertdevicedown that can lead to use-after-free situations: 1. The loop variable t-count is modified within the loop, which can cause the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mctp i3c: handling of NULL header addresses daddr can be NULL if there is no neighbour table entry present; in that case, the TX packet should be discarded. saddr is usually set by the MCTP core, but NULL values should also be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: The function neighnotify can be called without RTNL or RCU protection. Using RCU protection is recommended to avoid potential Universal Atomic Faults UAF...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mctp i2c: handling of NULL header addresses The daddr field can be NULL if there is no neighbour table entry present. In that case, the TX packet should be discarded. The saddr field is usually set by the MCTP core, but a NULL...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix for neighbor and rtable leaks in smcibfindroute. In smcibfindroute, the neighbor found by neighlookup and the rtable resolved by iprouteoutputflow are not released or stored before returning. This could lead to a...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: The cleanup of neighbor information has been moved to the profile cleanuptx. For IP tunnel encapsulation in ECMP Equal-Cost Multipath mode, since the flow is duplicated to the peer eswitch, the related neighbor...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: The neighbour field allows NUDNOARP entries to be forced to be garbage-collected. IFFPOINTOPOINT interfaces use NUDNOARP entries for IPv6. It’s possible to fill up the neighbour table with too many entries, causing an overflow fo...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbor use-after-free We sometimes observe use-after-free when dereferencing a neighbor 1. The problem seems to be that the driver stores a pointer to the neighbor, but does not hold a reference to it...

CVE-2026-31752 bridge: br_nd_send: validate ND option lengths

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...

CVE-2026-31682

CVE-2026-31682 affects the Linux kernel bridge implementation, where br_nd_send may parse non-linear ND options from ns->opt[]. The root cause is failure to linearize the skb before ND option parsing, risking reads past the buffer and potential memory exposure or crash. The fix is to linearize...

CVE-2026-31682 bridge: br_nd_send: linearize skb before parsing ND options

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: linearize skb before parsing ND options brndsend parses neighbour discovery options from ns-opt and assumes that these options are in the linear part of request. Its callers only guarantee that the ICMPv6 header...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007240 advisory. In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arpreqget. syzkaller reported an overflown write in arpreqget. 0 When...

SUSE CVE-2026-23460

In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rosetransmitlink on reconnect syzkaller reported a bug 1, and the reproducer is available at 2. ROSE sockets use four sk-skstate values: TCPCLOSE, TCPLISTEN, TCPSYNSENT, and TCPESTABLISHE...

EUVD-2026-15374

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. Then, if...

ROS-20260119-7357

A vulnerability in the neighnotify function of the net/core/neighbour.c module of the Linux kernel's network functions support is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of...

mlxsw: spectrum_router: Fix neighbour use-after-free

...