Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netrom: Check the buffer length before accessing it. Syzkaller reports an issue where an uninit value is read from ax25cmp when sending raw messages through the ieee802154 implementation...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021643 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25c...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netrom: Fixed data races related to sysctlnetbusyread. We need to protect the reader who is reading the sysctl value, as this value can be changed concurrently...

Linux Distros Unpatched Vulnerability : CVE-2025-68787

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netrom: Fix memory leak in nrsendmsg syzbot reported a memory leak 1. When function sockallocsendskb return NULL in nroutput, the original skb is not freed, whi...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387783)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387783 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25c...

Linux Distros Unpatched Vulnerability : CVE-2023-32269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/afnetrom.c, there is a use- after-free because accept is also allowed for a successfull...

CVE-2024-57802

In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. ===================================================== BUG: KMSAN:...

CVE-2024-57802 netrom: check buffer length before accessing it

In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. ===================================================== BUG: KMSAN:...

CVE-2024-57802 netrom: check buffer length before accessing it

In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. ===================================================== BUG: KMSAN:...

CVE-2024-41006

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nrheartbeatexpiry syzbot reported a memory leak in nrcreate 0. Commit 409db27e3a2e "netrom: Fix use-after-free of a listening socket." added sockhold to the nrheartbeatexpiry function, where a a socke...

CVE-2024-41006

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nrheartbeatexpiry syzbot reported a memory leak in nrcreate 0. Commit 409db27e3a2e "netrom: Fix use-after-free of a listening socket." added sockhold to the nrheartbeatexpiry function, where a a socke...

CVE-2024-38589

CVE-2024-38589 : In the Linux kernel netrom subsystem, a deadlock can occur in nr_rt_ioctl due to a circular locking dependency between nr_node_list_lock and nr_node_lock. Syzbot identified a possible deadlock when attempting to acquire nr_node_lock while already holding nr_node_list_lock, with t...

CVE-2024-38589 netrom: fix possible dead-lock in nr_rt_ioctl()

In the Linux kernel, the following vulnerability has been resolved: netrom: fix possible dead-lock in nrrtioctl syzbot loves netrom, and found a possible deadlock in nrrtioctl 1 Make sure we always acquire nrnodelistlock before nrnodelocknrnode 1 WARNING: possible circular locking dependency...

CVE-2021-47294

In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 "netrom: switch to sock timer API" switched to use sock timer API. It replaces modtimer by skresettimer, and deltimer by skstoptimer. Function skresettime...

CVE-2024-27420

A flaw was found in the netrom module in the Linux kernel. A race condition can occur when reading the sysctlnetromlinkfailscount resource due to a missing lock, which may impact system stability and can result in a denial of service...

CVE-2024-27419

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctlnetbusyread We need to protect the reader reading the sysctl value because the value can be changed concurrently...

AZL-26623 CVE-2023-32269 affecting package kernel for versions less than 5.15.112.1-1

An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/afnetrom.c, there is a use-after-free because accept is also allowed for a successfully connected AFNETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the...