271 matches found
CVE-2026-46120
Concrete details found: CVE-2026-46120 affects the Linux kernel ip6_gre machinery. The issue is in ip6erspan_changelink(), which wrongly uses dev_net(dev) instead of the correct per-netns hash resolved by link_net, after a patch series that fixed per-netns resolution in ip6erspan_newlink(). This ...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: espintcp: The caching of the encap socket has been removed to avoid reference leaks. The current scheme for caching the encap socket can lead to reference leaks when trying to delete the netns. The reference chain is: xfrmstate -...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed a use-after-free in twtimerhandler A real-world panic issue was discovered in Linux 5.4. Bug: Unable to handle a page fault for the address: ffffde49a863de28 PGD: 7e6fe62067 P4D: 7e6fe62067 PUD: 7e6fe63067 PMD:...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: defer final ‘struct net’ free in netns dismantle Ilya reported a slab-use-after-free in dstdestroy 1 The issue lies in xfrm6netinit and xfrm4netinit: They copy xfrm46dstopstemplate into net-xfrm.xfrm46dstops. However, the ne...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tipc: Fixed a use-after-free in tipcconnclose. syzbot reported a null-ptr-deref in tipcconnclose during netns dismantle. 0 tipctopsrvstop iterates through tipcnetnet-topsrv-connidr and calls tipcconnclose for each tipcconn. The...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: The x-tunnel variable is deleted as soon as the x variable is deleted. The IPcomp fallback tunnels currently get deleted from various lists and hashtables because the last user state that relied on those fallbacks is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy. Otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: Avoid using current-nsproxy. As mentioned in a previous commit of this series, using the net structure via current is not recommended for various reasons: - Inconsistency: Obtaining information from the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the net structure via current is not recommended for various reasons: - Inconsistency: obtaining information from the...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In the TCP layer, the secpath is dropped at the same time as the dst is dropped. Xiumei reported encountering a warning in xfrm6tunnelnetexit while running tests that involve creating a pair of netns, running a basic TCP test usi...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: Interface: Fixed an issue where a use-after-free occurred after changing the collectmd xfrm interface. The collectmd property of xfrm interfaces can only be set during device creation. Therefore, the xfrmichangelink functio...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/tipc: fixed the slab-use-after-free issue in tipcaeadencryptdone+0x4bd/0x510 net/tipc/crypto.c:840. Syzbot reported a slab-use-after-free with the following call trace:...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ipvs: Deferring the unregistration of ipvsftp during netns cleanup. During the netns cleanup process, ipvsftpexit may unregister ipvsftp before all connections with valid cp-app pointers are flushed, leading to a use-after-free...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Do not expose hwcounters outside of init net namespace Commit 467f432a521a “RDMA/core: Split port and device counter sysfs attributes” accidentally almost exposed hw counters to non-init net namespaces. It did not expo...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: pfcp: The device is destroyed along with the udp socket’s netns. The pfcpnewlink function links the device to a list in devnet instead of net, where an udp tunnel socket is created. Even when net is removed, the device remains...
SUSE CVE-2026-43091
In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...
EUVD-2026-27592
In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...
CVE-2026-43091
The CVE-2026-43091 vulnerability affects the Linux kernel xfrm policy handling during netns exit. The root cause is that xfrm_policy_fini() frees the policy_bydst hash tables after flushing work items and deleting policies, but does not wait for concurrent RCU readers to exit read-side critical s...
PT-2026-37401
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm component where the xfrm policy fini function frees the policy bydst hash tables after flushing policy work items and deleting policies without waiting for...