Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: rejecting negative ifindex values Recent changes in net-next commit 759ab1edb56c refactored the handling of pre-assigned ifindex values. This led to a latent issue in ovs. ovs does not validate ifindex values,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021586)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021586 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated...

Linux Distros Unpatched Vulnerability : CVE-2026-31495

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that...

CVE-2026-31420

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without validation. When interval is 0, usecstojiffies0 yields 0, causing the...

CVE-2026-31420 bridge: mrp: reject zero test interval to avoid OOM panic

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without validation. When interval is 0, usecstojiffies0 yields 0, causing the...

CVE-2026-31420

CVE-2026-31420 affects Linux kernel bridge MRP interval handling. Vulerability arises when br_mrp_start_test/br_mrp_start_in_test accept a user-supplied interval from netlink with no validation; if interval is 0, the delay becomes zero and a tight loop can exhaust memory, causing an OOM kernel pa...

PT-2026-32346

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The bridge MRP component fails to validate user-supplied interval values from netlink in the br mrp start test, br mrp start in test, and br mrp start in test parse functions. When an...

Linux Distros Unpatched Vulnerability : CVE-2026-31420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without...

CVE-2025-68785 net: openvswitch: fix middle attribute validation in push_nsh() action

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990309)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990309 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated...

SUSE CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

DEBIAN-CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

CVE-2024-26849 netlink: add nla be16/32 types to minlen array

In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nlavalidaterangeunsigned lib/nlattr.c:222 inline BUG: KMSAN: uninit-value in nlavalidateintrange lib/nlattr.c:336 inline BUG: KMSAN: uninit-value in...

PT-2024-7724 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the netlink component of the Linux kernel, where the validation code reads past a malformed attribute due to a missing size in the minlen array for NLA BE32. Th...

Ubuntu USN-758-1 (udev)

The remote host is missing an update to udev announced via advisory USN-758-1. OpenVAS Vulnerability Test $Id: ubuntu7581.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7581.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-758-1 udev Authors: Thomas Reinke...