Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Use RCU protection in ip6defaultadvmss. ip6defaultadvmss requires RCU protection to ensure that the network structure it reads does not disappear...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: defer final ‘struct net’ free in netns dismantle Ilya reported a slab-use-after-free in dstdestroy 1 The issue lies in xfrm6netinit and xfrm4netinit: They copy xfrm46dstopstemplate into net-xfrm.xfrm46dstops. However, the ne...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the net structure via current is not recommended for various reasons: - Inconsistency: obtaining information from the...

kernel: ipv6: use RCU protection in ip6_default_advmss()

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6defaultadvmss ip6defaultadvmss needs rcu protection to make sure the net structure it reads does not disappear...

kernel: ipv6: use RCU protection in ip6_default_advmss()

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6defaultadvmss ip6defaultadvmss needs rcu protection to make sure the net structure it reads does not disappear...

EUVD-2024-53306

Malicious code in bioql PyPI...

EUVD-2025-2586

Malicious code in bioql PyPI...

EUVD-2025-2588

Malicious code in bioql PyPI...

EUVD-2025-2589

Malicious code in bioql PyPI...

EUVD-2025-2587

Malicious code in bioql PyPI...

net: defer final 'struct net' free in netns dismantle

...

SUSE CVE-2025-21765

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6defaultadvmss ip6defaultadvmss needs rcu protection to make sure the net structure it reads does not disappear...

SUSE CVE-2025-21766

In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in iprtupdatepmtu iprtupdatepmtu must use RCU protection to make sure the net structure it reads does not disappear...

CVE-2025-21635

In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rdstcprcv,sndbuf: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

AZL-57232 CVE-2025-21640 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVE-2025-21636

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtudprobeinterval: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info fro...

CVE-2025-21640 sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVE-2025-21638

CVE-2025-21638 - Linux kernel SCTP sysctl auth_enable is fixed. The issue arises from using the current task’s nsproxy via the net structure (current->nsproxy) when reading sctp. sysctl settings, leading to potential NULL pointer dereference if current task is exiting. The fix replaces direct ...

CVE-2025-21637 sctp: sysctl: udp_port: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udpport: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVE-2025-21636 sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtudprobeinterval: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info fro...