CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

ROS-20260304-73-0032

A vulnerability in the atmdevderegister function net/atm/resources.c of Linux operating systems involves incorrect computation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260220-73-0016

A vulnerability in the devput function of the net/atm/lec.c module of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38323)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38323 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its...

EUVD-2025-20076

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-22004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free. CVE-2025-22004 Note tha...

The vulnerability of the dev_put() function in the net/atm/lec.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the devput function in the net/atm/lec.c module of the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

kernel: net: atm: fix use after free in lec_send()

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...

SUSE CVE-2025-38323

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its way in net/atm/lec.c, and found an error path in lecdattach could leave a dangling pointer in devlec. Add a mutex to protect devlecp uses from lecdattach, lecvccattach and lecmcastattach...

CVE-2025-38323

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its way in net/atm/lec.c, and found an error path in lecdattach could leave a dangling pointer in devlec. Add a mutex to protect devlecp uses from lecdattach, lecvccattach and lecmcastattach...

AZL-64938 CVE-2025-38323 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its way in net/atm/lec.c, and found an error path in lecdattach could leave a dangling pointer in devlec. Add a mutex to protect devlecp uses from lecdattach, lecvccattach and lecmcastattach...

UBUNTU-CVE-2025-38323

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its way in net/atm/lec.c, and found an error path in lecdattach could leave a dangling pointer in devlec. Add a mutex to protect devlecp uses from lecdattach, lecvccattach and lecmcastattach...

SUSE CVE-2025-38180

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears it had devput calls without prior devhold, leading to imbalance and UAF...

CVE-2025-38180

Summary: CVE-2025-38180 affects the Linux kernel’s ATM /proc net handling (lec). The root cause is unsafe dev_lec[] changes paired with missing dev_hold() before dev_put(), causing an imbalance and use-after-free (UAF). The issue is tied to the net/atm/lec handling code and has been addressed by ...

CVE-2025-38180 net: atm: fix /proc/net/atm/lec handling

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears it had devput calls without prior devhold, leading to imbalance and UAF...