Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: UDP: Do not accept non-tunnel GSO packets that land in a tunnel. When rx-udp-gro-forwarding is enabled, UDP packets may be forwarded in a way that causes them to land in a tunnel. This can lead to various issues. udpgroreceive...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21640)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21640 advisory. - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using...

Linux Distros Unpatched Vulnerability : CVE-2024-26865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker...

CVE-2024-26865

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker warning 1. syzkaller could not find a repro, but in the log, the only...

CVE-2024-26865

CVE-2024-26865 involves a use-after-free in the Linux kernel’s RDS TCP path (reqsk_timer_handler) that can occur when a per-netns listener is created, a reqsk is formed, the process exits, and the netns is dismantled before the timer expires. The issue is fixed by a patch (commit 740ea3c4a0b2) wh...