OESA-2026-2496 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 "smb: client: fix TCP...

Linux Distros Unpatched Vulnerability : CVE-2026-46120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 net: ipv6: Use link netns in newlink of rtnllinkops, ip6erspannewlink correctly...

UBUNTU-CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

EUVD-2026-32879

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

CVE-2026-46120

Concrete details found: CVE-2026-46120 affects the Linux kernel ip6_gre machinery. The issue is in ip6erspan_changelink(), which wrongly uses dev_net(dev) instead of the correct per-netns hash resolved by link_net, after a patch series that fixed per-netns resolution in ip6erspan_newlink(). This ...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: rds: TCP: Fixed an issue where a use-after-free occurred in net in reqsktimerhandler. Syzkaller reported a warning regarding the netns tracker 0, followed by KASAN, SPLAT 1, and another ref tracker warning 1. Syzkaller could n...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: udp: Do not accept non-tunnel GSO packets that land in a tunnel. When rx-udp-gro-forwarding is enabled, UDP packets may be forwarded in a way that causes them to land in a tunnel. This can lead to various issues. udpgroreceive...

CVE-2026-43091

In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...

CVE-2026-43091 xfrm: Wait for RCU readers during policy netns exit

In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, only the init netns should be allowed to set the default tcpcongestioncontrol to a restricted algorithm. The tcpsetdefaultcongestioncontrol function is netns-safe because it writes to...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: double hook unregistration in netns path nftreleasehooks is called from prenetns exit path which unregisters the hooks, then the NETDEVUNREGISTER event is triggered which unregisters the hooks again. 565.2214...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: ctnetlink: fixed a refcount leak during table dump There is a reference count leak in ctnetlinkdumptable: if res ctgeneral; // HERE cb-args1 = unsigned longct; … Although it’s very unlikely, it’s possible that ct ==...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: TCP: prevented concurrent execution of tcpskexitbatch. It is possible that two threads call tcpskexitbatch concurrently—once from the cleanupnetworkqueue, and once from a task that failed to clone a new netns. In the latter case,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: pfcp: Destroy device along with udp socket's netns dismantle. pfcpnewlink links the device to a list in devnetdev instead of net, where a udp tunnel socket is created. Even when net is removed, the device stays alive on devnetdev...

CVE-2026-31579

In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. This causes a hung task when another thread holds rtnlmutex - the...

SUSE SLES12 Security Update : kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:1304-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1304-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.275 fixes various security issues The following security issues were fixed: -...

Security update for the Linux Kernel (Live Patch 66 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.250 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-39973: i40e: add validation for ringlen param...

SUSE-SU-2026:1297-1 Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: - CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. - CVE-2025-39973: i40e: add validation for ringlen param...

SUSE-SU-2026:21058-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...