CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

CVE-2026-43107

A flaw was found in the Linux kernel's xfrm subsystem. A remote attacker could send a specially crafted netlink message that, due to an incorrect size calculation when handling XFRMAIFID attributes, would lead to a buffer overflow. This issue could cause a kernel panic, resulting in a Denial of...

CVE-2026-43167

CVE-2026-43167 relates to the Linux kernel xfrm subsystem where a reference-count leak in xfrm_state occurs when a network device is unregistered. The issue stems from an IPsec hardware-offload API change (commit d77e38e612a0) that made xfrm_dev_unregister() a no-op, even though xfrm_dev_state_ad...

CVE-2026-43085

CVE-2026-43085: In the Linux kernel, nfnetlink_log did not initialize the nfgenmsg payload when emitting NLMSG_DONE terminators while batching multiple NFLOG messages, leaking four bytes of stale heap data to userspace. The issue is fixed by using nfnl_msg_put() to build the NLMSG_DONE terminator...

CVE-2026-43040

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTMNEWNDUSEROPT netlink message. The nduseroptms...

EUVD-2026-26639

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTMNEWNDUSEROPT netlink message. The nduseroptms...

PT-2026-36457

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc ra useropt to initialize nduseropt padX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTM NEWNDUSEROPT netlink message. The...

CVE-2026-31531

In the Linux kernel, the following vulnerability has been resolved: ipv4: nexthop: allocate skb dynamically in rtmgetnexthop When querying a nexthop object via RTMGETNEXTHOP, the kernel currently allocates a fixed-size skb using NLMSGGOODSIZE. While sufficient for single nexthops and small...

CVE-2026-31531

In the Linux kernel, the following vulnerability has been resolved: ipv4: nexthop: allocate skb dynamically in rtmgetnexthop When querying a nexthop object via RTMGETNEXTHOP, the kernel currently allocates a fixed-size skb using NLMSGGOODSIZE. While sufficient for single nexthops and small...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011099 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN...

EUVD-2026-21937

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: account for netlink header size This is a followup to an old bug fix: NLMSGDONE needs to account for the netlink header size, not just the attribute size. This can result in a WARN splat + drop of the...

CVE-2026-31416

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: account for netlink header size This is a followup to an old bug fix: NLMSGDONE needs to account for the netlink header size, not just the attribute size. This can result in a WARN splat + drop of the...

PT-2026-32342

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink log: account for netlink header size This is a followup to an old bug fix: NLMSG DONE needs to account for the netlink header size, not just the attribute size. This can result in a WARN splat + drop of the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001056)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001056 advisory. net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000787)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000787 advisory. The netlinksendmsg function in net/netlink/afnetlink.c in the Linux kernel before 3.5.5 does not validate the dstpid field, which allows local users to have an...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002685)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002685 advisory. net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX ...

Linux Distros Unpatched Vulnerability : CVE-2025-40279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied...

CVE-2025-40278

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

DEBIAN-CVE-2025-40279

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...