
32 matches found

RedhatCVE
added 2026/04/03 6:47 p.m., 1 view

CVE-2026-23460

A flaw was found in the Linux kernel's net/rose component. A local user can trigger a NULL pointer dereference by calling connect a second time while a connection attempt is already in progress. This improper handling of concurrent connection attempts can lead to a system crash, resulting in a...

AI score 5.9, EPSS 0.0002
Exploits: 0, References: 4

Redos
added 2026/01/19 12:0 a.m., 3 views

ROS-20260119-7315

A vulnerability in the net/rose component of the Linux operating system kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.5, AI score 7.9, EPSS 0.00028
Exploits: 0

Redos
added 2026/01/19 12:0 a.m., 1 view

ROS-20260119-7350

A vulnerability in the rose_bind function of the net/rose/af_rose.c component of the Linux operating system kernel is related to insufficient locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.5, AI score 7.8, EPSS 0.00012
Exploits: 0

Tenable Nessus
added 2025/08/12 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2022-2318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any...

CVSS 5.5, AI score 6.8, EPSS 0.00219
Exploits: 0, References: 2

OSV
added 2025/02/27 2:15 a.m., 1 view

UBUNTU-CVE-2025-21711

In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in rose_setsockopt In case of possible unpredictably large arguments passed to rose_setsockopt and multiplied by extra values on top of that, integer overflows may occur. Do the safest minimum an...

CVSS 5.5, AI score 6.2, EPSS 0.00028
Exploits: 0, References: 34

Oracle linux
added 2024/02/12 12:0 a.m., 412 views

Unbreakable Enterprise kernel security update

5.4.17-2136.328.3 - IB/cm: Cancel mad on the DREQ event when the state is MRAREPRCVD Mark Zhang Orabug: 36143228 - KSPLICE: make sure the stack is zeroed. Gregory Herrero Orabug: 36154654 - sched/fair: Fix tg-load when offlining a CPU Vincent Guittot Orabug: 36185207 - i2c: core: Fix atomic xfer...

CVSS 9.8, AI score 9.5, EPSS 0.01411
Exploits: 0

Microsoft CVE
added 2024/01/19 8:0 a.m., 1 view

An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.

...

CVSS 7, AI score 7, EPSS 0.00019
Exploits: 0

ATTACKERKB
added 2024/01/11 7:15 p.m., 3 views

CVE-2023-51782

An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition...

CVSS 7, AI score 5.8, EPSS 0.00019
Exploits: 0, References: 5

UbuntuCve
added 2024/01/11 7:15 p.m., 45 views

CVE-2023-51782

An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition...

CVSS 7, AI score 6.7, EPSS 0.00019
Exploits: 0, References: 20

Debian CVE
added 2023/12/25 12:0 a.m., 53 views

CVE-2023-51782

An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition...

CVSS 7, AI score 7.3, EPSS 0.00019
Exploits: 0

Cvelist
added 2023/12/25 12:0 a.m., 22 views

CVE-2023-51782

An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition...

AI score 7.2, EPSS 0.00019
Exploits: 0, References: 4

CVE
added 2023/12/25 12:0 a.m., 115 views

CVE-2023-51782

The CVE-2023-51782 issue affects the Linux kernel (net/rose/af_rose.c) and is a use-after-free in rose_ioctl caused by a race in rose_accept. Affected versions are before 6.6.8. The vulnerability can lead to local privilege escalation or kernel crash. Mitigation: upgrade to Linux kernel 6.6.8 or ...

CVSS 7, AI score 6.8, EPSS 0.00019
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2023/04/27 2:9 p.m., 1 view

CLSA-2023-1682604577 Fix of 53 CVEs

CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer Bionic update: upstream stable patchset 2022-03-04 LP: 1963717 // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets CVE-2022-36879 - xfrm: xfrm_policy: fix a possible double xfrm_pols_put in...

CVSS 7.8, AI score 7, EPSS 0.0049
Exploits: 24, References: 1

Tenable Nessus
added 2023/03/20 12:0 a.m., 29 views

CBL Mariner 2.0 Security Update: kernel (CVE-2022-2318)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2318 advisory. - There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow...

CVSS 5.5, AI score 6.8, EPSS 0.00219
Exploits: 0, References: 2

Tenable Nessus
added 2022/10/15 12:0 a.m., 32 views

Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-5682-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5682-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose...

CVSS 7.8, AI score 7.4, EPSS 0.00219
Exploits: 0, References: 12

Tenable Nessus
added 2022/10/11 12:0 a.m., 43 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5668-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5668-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this...

CVSS 7.8, AI score 7, EPSS 0.00219
Exploits: 0, References: 12

Tenable Nessus
added 2022/09/30 12:0 a.m., 36 views

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5648-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5648-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

CVSS 7.8, AI score 7.3, EPSS 0.05077
Exploits: 1, References: 12

Tenable Nessus
added 2022/09/26 12:0 a.m., 37 views

Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-5640-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5640-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

CVSS 7.8, AI score 7.3, EPSS 0.05077
Exploits: 1, References: 12

Tenable Nessus
added 2022/08/05 12:0 a.m., 71 views

Amazon Linux AMI : kernel (ALAS-2022-1624)

The version of kernel installed on the remote host is prior to 4.14.287-148.504. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1624 advisory. There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow...

CVSS 7.1, AI score 6.9, EPSS 0.00219
Exploits: 0, References: 13

Amazon
added 2022/07/20 12:0 a.m., 43 views

Important: kernel

Issue Overview: There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. CVE-2022-2318 Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text...

CVSS 7.8, AI score 7, EPSS 0.00219
Exploits: 0