21 matches found
SUSE-SU-2026:21973-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.29.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. -...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: shaper: Protection against late creation of hierarchies. We retrieve a netdev object during the preparation of Netlink operations before callbacks. We then take a reference to it. Later, within the body of the callback, we...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: shaper: Protection is added for late read accesses to the hierarchy. We retrieve a netdev object during the preparation of Netlink operations pre-callbacks, and then we acquire a reference to it. Later, within the body of th...
EUVD-2026-30017
In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the functions netshapernlgetdoit and netshapernlcapgetdoit. These functions incorrectly call nlmsgfree...
Linux Distros Unpatched Vulnerability : CVE-2026-23437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the...
SUSE CVE-2026-23436
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
EUVD-2026-18677
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23437
A flaw was found in the Linux kernel's net: shaper module. This vulnerability arises from a missing liveness check during Netlink operations when a network device netdev is referenced and subsequently accessed. If the netdev is unregistered before the access, it can lead to a use-after-free...
CVE-2026-23436
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23437
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
UBUNTU-CVE-2026-23437
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23436
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23437
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23437
CVE-2026-23437 (Linux kernel) concerns the net: shaper module. A missing liveness check occurs when a netdev is looked up during prep of Netlink operations, a reference is taken, and later the code uses the netdev’s lock or RCU protections. The conversion from a ref to a locked netdev may proceed...
CVE-2026-23436
The CVE-2026-23436 issue affects the Linux kernel's net: shaper component. A race could occur when a netdev is unregistered between taking a reference during Netlink prep and locking/RCU in the callback, potentially leaking the hierarchy after a flush. The fix applies the instance lock in pre- st...
CVE-2026-23436 net: shaper: protect from late creation of hierarchy
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
PT-2026-30132
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
UBUNTU-CVE-2025-38271
In the Linux kernel, the following vulnerability has been resolved: net: prevent a NULL deref in rtnlcreatelink At the time rtnlcreatelink is running, dev-netdevops is NULL, we must not use netdevlockops or risk a NULL deref if CONFIGNETSHAPER is defined. Use netifsetgroup instead of devsetgroup...
CVE-2025-38271 net: prevent a NULL deref in rtnl_create_link()
In the Linux kernel, the following vulnerability has been resolved: net: prevent a NULL deref in rtnlcreatelink At the time rtnlcreatelink is running, dev-netdevops is NULL, we must not use netdevlockops or risk a NULL deref if CONFIGNETSHAPER is defined. Use netifsetgroup instead of devsetgroup...