Lucene search

46 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/tls: fixed a kernel panic that occurred when alloc_page failed. We cannot set frag_list to a NULL pointer when alloc_page failed. This pointer will be used in tls_strp_check_queue_ok when tls_strp_read_sock is called next time. This...

CVSS 5.5, AI score 6.6, EPSS 0.0009
Exploits: 0, References: 2
AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: tls: Avoid hanging tasks when using tx_lock. The syzbot reported a situation where tasks were hung. Eric explained that the adversarial receiver may keep RWIN at 0 for a long time, so we cannot guarantee progress. Threads tha...

AI score 5.8, EPSS 0.00029
Exploits: 0, References: 1
AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/tls: The use-after-free issue in the -EBUSY error handling path of tls_do_encryption has been fixed. The -EBUSY handling in tls_do_encryption, introduced with commit 859054147318 “net: tls: handle backlogging of crypto requests”,...

CVSS 9.8, AI score 5.7, EPSS 0.00044
Exploits: 0, References: 1
Cvelist
added 2026/04/23 3:11 p.m., 34 views

CVE-2026-31533 net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption. The -EBUSY handling in tls_do_encryption, introduced by commit 859054147318 "net: tls: handle backlogging of crypto requests", has a use-after-free due to double...

CVSS 9.8, EPSS 0.00044
Exploits: 0, References: 7
Tenable Nessus
added 2026/04/22 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013591 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that...

AI score 5.6, EPSS 0.00029
Exploits: 0, References: 4
RedHat Linux
added 2026/01/13 9:50 a.m., 9 views

kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails

A vulnerability was found in tls_decrypt_sg in net/tls/tls_sw.c in the networking subsystem of the Linux kernel. In this flaw, a failure to clone the input skb to hold the reference to the memory it uses may lead to a use-after-free...

AI score 5.8, EPSS 0.00029
Exploits: 0, References: 5
OSV
added 2025/12/30 12:23 p.m., 3 views

CVE-2023-54306 net: tls: avoid hanging tasks on the tx_lock

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

AI score 6.3, EPSS 0.00029
Exploits: 0, References: 9
CVE
added 2025/12/30 12:23 p.m., 10 views

CVE-2023-54306

CVE-2023-54306 affects the Linux kernel in the network stack (net: tls) where a thread holding tx_lock could sleep and fail to release the lock for hours if an adversarial receiver keeps RWIN at 0, preventing forward progress. The root cause is an uninterruptible sleep path under tx_lock that cou...

AI score 6.1, EPSS 0.00029
Exploits: 0, References: 6
Cvelist
added 2025/12/30 12:23 p.m., 19 views

CVE-2023-54306 net: tls: avoid hanging tasks on the tx_lock

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

EPSS 0.00029
Exploits: 0, References: 6
Positive Technologies
added 2025/12/30 12:0 a.m., 2 views

PT-2025-54152

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took tx...

AI score 6.4, EPSS 0.00029
Exploits: 0, References: 7
Tenable Nessus
added 2025/11/05 12:0 a.m., 1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988782)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988782 advisory. In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls. sk->sk_err appears to expect a positive value, a...

CVSS 7.8, AI score 5.9, EPSS 0.00032
Exploits: 0, References: 4
Tenable Nessus
added 2025/07/10 12:0 a.m., 7 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-079)

The version of kernel installed on the remote host is prior to 5.15.182-123.190. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-079 advisory. In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between...

CVSS 7.8, AI score 6.2, EPSS 0.00087
Exploits: 0, References: 32
OSV
added 2025/06/18 10:15 a.m., 3 views

DEBIAN-CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when alloc_page failed. We cannot set frag_list to NULL pointer when alloc_page failed. It will be used in tls_strp_check_queue_ok when the next time tls_strp_read_sock is called. This is because we don't reset...

CVSS 5.5, AI score 5.7, EPSS 0.0009
Exploits: 0, References: 1
OSV
added 2025/06/18 10:15 a.m., 2 views

UBUNTU-CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when alloc_page failed. We cannot set frag_list to NULL pointer when alloc_page failed. It will be used in tls_strp_check_queue_ok when the next time tls_strp_read_sock is called. This is because we don't reset...

CVSS 5.5, AI score 6.2, EPSS 0.0009
Exploits: 0, References: 27
Cvelist
added 2025/06/18 9:28 a.m., 6 views

CVE-2025-38018 net/tls: fix kernel panic when alloc_page failed

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when alloc_page failed. We cannot set frag_list to NULL pointer when alloc_page failed. It will be used in tls_strp_check_queue_ok when the next time tls_strp_read_sock is called. This is because we don't reset...

EPSS 0.0009
Exploits: 0, References: 5
Debian CVE
added 2025/06/18 9:28 a.m., 5 views

CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when alloc_page failed. We cannot set frag_list to NULL pointer when alloc_page failed. It will be used in tls_strp_check_queue_ok when the next time tls_strp_read_sock is called. This is because we don't reset...

CVSS 5.5, AI score 5.6, EPSS 0.0009
Exploits: 0
CNNVD
added 2025/05/01 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from disconnections not being handled correctly in net/tls, which could lead to warnings and crashes...

CVSS 5.5, AI score 6.5, EPSS 0.00024
Exploits: 0, References: 8
Tenable Nessus
added 2024/08/19 12:0 a.m., 56 views

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2024-2140)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted...

CVSS 7.8, AI score 6.6, EPSS 0.00346
Exploits: 1, References: 90
NVD
added 2024/05/22 9:15 a.m., 12 views

CVE-2021-47496

In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls. sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, kworker tls_encrypt_done...,...

CVSS 7.8, AI score 6.7, EPSS 0.00032
Exploits: 0, References: 4
Cvelist
added 2024/05/22 8:19 a.m., 22 views

CVE-2021-47496 net/tls: Fix flipped sign in tls_err_abort() calls

In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls. sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, kworker tls_encrypt_done...,...

AI score 6.6, EPSS 0.00032
Exploits: 0, References: 4