CVE-2026-53238

CVE-2026-53238 affects the Linux kernel netlabel handling of unlabeled address and mask attributes. The bug occurs in netlbl_unlabel_addrinfo_get(), which used the address attribute length to decide if data could be read as IPv4 or IPv6, but did not independently validate the corresponding mask a...

EUVD-2026-39329

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...

UBUNTU-CVE-2025-71304

In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2019-25160)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-25160 advisory. - In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memo...

MiracleLinux 7 : kernel-3.10.0-1127.8.2.el7 (AXSA:2020-121:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-121:05 advisory. kernel: double free may be caused by the function allocatetracebuffer in the file kernel/trace/trace.c CVE-2017-18595 kernel: use-after-free in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001274)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001274 advisory. A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to ente...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002271 advisory. cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002317 advisory. cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003182 advisory. A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to ente...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001020 advisory. cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-406647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-406647 advisory. In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlblcalipsoaddpass If IPv6 support is disabled at boot...

EUVD-2025-11235

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-10938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to...

Linux Distros Unpatched Vulnerability : CVE-2025-22063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlblconnsetattr, addr-safamily is used to determine the function behavior...

Linux Distros Unpatched Vulnerability : CVE-2007-6762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabelcipsov4.c where it is possible to overflow the doidef-tags array...

netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets

...

SUSE CVE-2025-22063

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlblconnsetattr, addr-safamily is used to determine the function behavior. If sk is an IPv4 socket, but the connect function is called with an...

DEBIAN-CVE-2025-22063

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlblconnsetattr, addr-safamily is used to determine the function behavior. If sk is an IPv4 socket, but the connect function is called with an...

UBUNTU-CVE-2025-22063

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlblconnsetattr, addr-safamily is used to determine the function behavior. If sk is an IPv4 socket, but the connect function is called with an...