dirtyfrag

Dirty Frag Overview Dirty Frag is a class of Linux ke...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: netlink: prevents potential Spectre v1 exploits Most netlink attributes are parsed and validated via nlavalidateparse or validatenla. c u16 type = nlatypenla; if type == 0 || type maxtype / Report an error or proceed with...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: fixed the global out-of-bounds read in ksmbdnlpolicy. Similar to the reported issue see commit b33fb5b801c6 “net: qualcomm: rmnet: fixed global out-of-bounds in rmnetpolicy”, my local fuzzer discovered another global...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realized through netlink using four attributes:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Correctly check the presence of LSNLATYPEDGID. The netlink response for RDMANLLSOPIPRESOLVE should always contain an LSNLATYPEDGID attribute; it is invalid if it is missing. Properly use the nl parsing logic and cal...

PT-2026-35133

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the af unix module where exact UNIX diag lookups hold a reference to the socket but not to u-path. The unix release sock function clears u-path under the unix state lo...

CVE-2026-31428 netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

PT-2026-32354

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter nfnetlink log component allows the leak of stale heap contents to userspace via the NFLOG netlink socket. The function build packet message manually constructs th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000681)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000681 advisory. A security flaw was discovered in the nl80211setrekeydata function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether...

CVE-2025-68785

A slab-out-of-bounds read vulnerability was found in the Linux kernel's Open vSwitch OVS module. The pushnsh action does not validate the middle nested attribute OVSKEYATTRNSH between the outer action and inner key attributes. When the middle attribute has an incorrect size, the nladata unwrap...

AZL-74336 CVE-2025-68785 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993252 advisory. In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribu...

PT-2026-2517

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Open vSwitch component related to insufficient validation of attributes in the push nsh action. Specifically, the code does not adequately...

CVE-2023-53652 vdpa: Add features attr to vdpa_nl_policy for nlattr length check

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add features attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr point...

EUVD-2017-18648

Malware in sbrugna...

EUVD-2017-18625

Malware in sbrugna...

SUSE CVE-2023-53570

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211parsembssidelems nl80211parsembssidelems uses a u8 variable numelems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...

UBUNTU-CVE-2023-53570

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211parsembssidelems nl80211parsembssidelems uses a u8 variable numelems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...

CVE-2023-53570

CVE-2023-53570 is a Linux kernel local-privilege issue in the wireless stack. The vulnerability arises from nl80211_parse_mbssid_elems() using an unsigned 8-bit counter (num_elems) to track MBSSID elements, which can overflow when a userspace nl80211 attribute specifies 256 or more elements. This...

UBUNTU-CVE-2023-53456

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxxsetchapentry - qla4xxxifacesetparam - qla4xxxsysfsddbsetparam and each of them directly converts the nlattr to...