Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs from queues on error to open The CI detected a UaF in fbnic within the AFXDP section of the queues.py test. The UaF occurs in the skmarknapiidonce function call in xskbind. The NAPI has been freed. It see...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ath11k: fixed the kernel panic that occurred during the unloading/loading of ath11k modules. Fixed the call to netifnapidel from ath11kahbfreeextirq, to prevent the following kernel panic when unloading/loading ath11k modules...

Astra Linux – Vulnerability in Chromium

Before version 90.0.4430.72, using the "after free" mechanism in the Network API of Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted Chrome Extension...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Net: tun: Unlinking the NAPI from the device upon destruction. Syzbot identified a race condition between the tun file and the device destruction process. NAPIs reside in the structtunfile structure, and this structure may be...

CVE-2026-31644

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...

PT-2026-34996

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966x fdma reload When lan966x fdma reload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966x fdma rx fr...

PT-2026-34374

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the virtio net driver when it is configured with napi tx=N and the IFF XMIT DST RELEASE flag is cleared, such as during the configuration of tc route...

CVE-2024-51348

A stack-based buffer overflow vulnerability in the P2P API service in BS Producten Petcam with firmware 33.1.0.0818 allows unauthenticated attackers within network range to overwrite the instruction pointer and achieve Remote Code Execution RCE by sending a specially crafted HTTP request...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46784)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46784 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in...

CVE-2025-68341

In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP nodirect return section to fix race As explain in commit fa349e396e48 "veth: Fix race with AFXDP exposing old or uninitialized descriptors" for veth there is a chance after napicompletedone that another CPU can...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990563 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989955)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989955 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device...

CVE-2023-53685

In the Linux kernel, the following vulnerability has been resolved: tun: Fix memory leak for detached NAPI queue. syzkaller reported 0 memory leaks of sk and skb related to the TUN device with no repro, but we can reproduce it easily with: struct ifreq ifr = int fdtun, fdtmp; char buf4 = ; fdtun ...

EUVD-2022-25900

Malicious code in bioql PyPI...

EUVD-2025-13641

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38570

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs from queues on error to open CI hit a UaF in fbnic in the AFXDP...

DEBIAN-CVE-2025-38385

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

UBUNTU-CVE-2025-38385

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

UBUNTU-CVE-2025-38009

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b "net: warn if NAPI instance wasn't shut down". Disable tx napi before deleting it in mt76dmacleanup. WARNING: CPU:...

[SECURITY] Fedora 41 Update: python-h11-0.14.0-7.fc41

This is a little HTTP/1.1 library written from scratch in Python, heavily inspired by hyper-h2. It is a "bring-your-own-I/O" library; h11 contains no IO code whatsoever. This means you can hook h11 up to your favorite network API, and that could be anything you want: synchronous, threaded,...