CVE-2025-39984

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

CVE-2025-39984

The CVE-2025-39984 vulnerability affects the Linux kernel’s tun/tap/XDP path. The issue arises when, after an XDP processing, the original skb can be freed (UAF scenario); the fix updates napi->skb after the XDP process to avoid dangling pointers. Affected component: net/tun and gro flow where...

CVE-2022-49856

Removed by vendor...

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check...

Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check...

UBUNTU-CVE-2022-49014

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...

CVE-2022-49014 net: tun: Fix use-after-free in tun_detach()

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...

CVE-2022-49014 net: tun: Fix use-after-free in tun_detach()

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible post-release reuse issue in the net/tun module in the tundetach function...

Double free

In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tunfreenetdev Avoid double free in tunfreenetdev by moving the dev-tstats and tun-security allocs to a new ndoinit routine tunnetinit that will be called by registernetdevice. ndoinit is paired with the...

kernel security and bug fix update

4.18.0-513.9.19.OL8 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice Mauro Carvalho Chehab CVE-2022-45884 - cifs: Fix UAF in cifsdemultiplexthread Zhang Xiaoxu CVE-2023-1192 - nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg CVE-2023-5178 - net: tun:...

GSD-2022-1004435 net: tun: avoid disabling NAPI twice

net: tun: avoid disabling NAPI twice This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.53 by commit c28f955155037586132f8aad573e06a41d260038...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2013-2534)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2534 advisory. - KVM: add missing void user COPYING CREDITS Documentation Kbuild MAINTAINERS Makefile README REPORTING- BUGS arch block crypto drivers firmware fs...

Unbreakable Enterprise kernel Security update

2.6.32-400.29.1 - KVM: add missing void user COPYING CREDITS Documentation Kbuild MAINTAINERS Makefile README REPORTING-BUGS arch block crypto drivers firmware fs include init ipc kernel lib mm net samples scripts security sound tools uek-rpm usr virt cast to accessok call Heiko Carstens Orabug:...