11 matches found
EUVD-2026-32214
In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised. Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTM_GETNEIGH will return...
EUVD-2026-26363
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlink_ns_capable check for peer netns. rtnl_newlink lacks a CAP_NET_ADMIN capability check on the peer network namespace when creating paired devices (veth, vxcan, netkit). This allows an unprivileged user with a...
CVE-2025-71096
Summary (CVE-2025-71096): The Linux kernel RDMA core netlink path handling RDMA_NL_LS_OP_IP_RESOLVE could return a DGID-less response, risking an uninitialized read on the stack. The fix ensures the LS_NLA_TYPE_DGID attribute is present, uses nla_parse_deprecated() to populate nlattrs, and then ...
GHSA-585Q-CM62-757J mnl has segmentation fault and invalid memory read in `mnl::cb_run`
The function `mnl::cb_run` is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers. Passing a crafted byte slice to `mnl::cb_run` can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to...
PT-2025-18483 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the netlink protocol. The issue involves bounds-checking for the creation of the struct nlmsgerr, which is used to...
CVE-2024-53212
In the Linux kernel, the following vulnerability has been resolved: netlink: fix false positive warning in extack during dumps. Commit under fixes extended extack reporting to dumps. It works under normal conditions, because extack errors are usually reported during ->start() or the first ->dump(), it's...
DEBIAN-CVE-2021-47606
In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 and skb->data_len=0 in...
UBUNTU-CVE-2021-47606
In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 and skb->data_len=0 in...
GSD-2021-1002621 net: netlink: af_netlink: Prevent empty skb by adding a check on len.
net: netlink: af_netlink: Prevent empty skb by adding a check on len. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.294 by commit...
Linux Kernel 3.3-3.8 - SOCK_DIAG Local Root Exploit
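Affected versions: Linux Kernel 3.3-3.8. CVE-ID: CVE-2013-1763. When handling the netlink protocol, the Linux kernel has an out-of-bounds memory access; successful exploitation allows arbitrary code execution and local privilege escalation. The vulnerable code is as follows: static int __sock_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) { int err; struct sock_diag_req *req = NLMSG_DATA(nlh); struct sock_diag_handler *hndl; if (nlmsg_len(nlh) < sizeof(*req)) return -EINVAL; hndl =...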
libcgroup: Uncheck origin of NETLINK messages
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted...