Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: gso: Fixed a panic that occurred when using a fraglist with mixed head allocation types. Since the commit 3dcbdb134f32 “net: gso: Fixed an error in skbsegment when splitting a gsosize mangled skb having linear-headed...

net: strparser: fix skb_head leak in strp_abort_strp()

...

CVE-2026-45847

In the Linux kernel, the following vulnerability has been resolved: net: remove WARNONONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances of reaching this WARNONONCE if userspace manages to build a sufficiently long forward path. Remove it...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: removed one synchronizenet call from ipv6mcdown. As discussed in previous discussions commit 2d3916f31891 “ipv6: fix skb drops in igmp6eventquery and igmp6eventreport”, the synchronizenet call in ipv6mcdown is not...

CVE-2026-43194

In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...

net: fix fanout UAF in packet_release() via NETDEV_UP race

...

Oracle Linux 9 : kernel (ELSA-2026-6153)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6153 advisory. - net/sched: clsu32: use skbheaderpointercareful Paolo Abeni RHEL-150403 CVE-2026-23204 - bonding: fix use-after-free due to enslave fail after slave...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET bsc1249587...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005494)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005494 advisory. In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the...

net: sock: fix hardened usercopy panic in sock_recv_errqueue

...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992929 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...

CVE-2022-50780 net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed

In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...

net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod.

...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2025-1208)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1208 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer dereference in l3mdevl3rcv CVE-2025-22103 In the Linux kernel, the following vulnerability has been...

CVE-2023-53233

CVE-2023-53233 is associated with a Linux kernel issue related to the net/smc deadlock: cancel_delayed_work_syn() deadlock detected via lockdep in the smc path. The connected Nessus/OSV entries (Unity Linux UTSA advisories UTSA-2025-993266 and UTSA-2025-992554; Debian Ubuntu OSVs) confirm a fix h...

Security update for kernel-livepatch-MICRO-6-0_Update_3

This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...

CVE-2025-38684

CVE-2025-38684 affects the Linux kernel’s net/sched ETS implementation. The issue arose from purging unused DRR queues during ets_qdisc_change(), where the code used the new value of q->nbands for cleanup. The fix ensures the purge uses the old values of q->nbands (and q->nstrict), so pu...

net: fix NULL pointer dereference in l3mdev_l3_rcv

...

OESA-2025-2003 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: allow small head cache usage with large MAXSKBFRAGS values Sabrina reported the following splat: WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935...

net: atm: fix /proc/net/atm/lec handling

...