CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

CVE-2026-46132 net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

CVE-2026-43916 pam_authnft: Heap buffer overflow in NETLINK_SOCK_DIAG reply walker

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Fixed an issue where the kernel could be exposed after free operation in skbdatagramiter. The syzbot reported the following issue with uninitialized value access 1: The netlinktofullskb function creates a new skb and...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013745)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013745 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007532)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007532 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devic...

ROS-20260403-73-0013

A vulnerability in the netlink component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21787)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21787 advisory. - In the Linux kernel, the following vulnerability has been resolved: team: better TEAMOPTIONTYPESTRING...

MiracleLinux 4 : kernel-2.6.32-696.13.2.el6 (AXSA:2017-2392:07)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2392:07 advisory. Kernel memory corruption due to a buffer overflow was found in brcmfcfg80211mgmttx function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability ca...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003358 advisory. The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to...

CVE-2025-71066 net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: netlink: avoided infinite retry loops in netlinkunicast The netlinkattachskb function checks the read memory allocation constraints of the socket. First, it checks whether the newly increased rmem value fits within the socket’...

EUVD-2023-59720

Malicious code in bioql PyPI...

EUVD-2025-22676

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38727

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlinkunicast netlinkattachskb checks for the...

Linux Distros Unpatched Vulnerability : CVE-2014-0181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket,...

Linux Distros Unpatched Vulnerability : CVE-2024-26805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlink: Fix kernel-infoleak-after-free in skbdatagramiter syzbot reported the following uninit-value access issue 1: netlinktofullskb creates a new skb and put...

CVE-2025-38465 netlink: Fix wraparounds of sk->sk_rmem_alloc.

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

CVE-2022-49766

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...

CVE-2022-49766 netlink: Bounds-check struct nlmsgerr creation

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...