308 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fixed a division by zero issue when replacing a resilient group. The resilient nexthop group torture tests in fibnexthop.sh exposed a possible division by zero issue when replacing a resilient group 1. The division by ze...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we attempt to add an IPv6 nexthop parameter, and IPv6 is not enabled !CONFIGIPV6, we encounter a NULL pointer dereference in the error path of nhcreateipv6...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Fixed the nexthop hash size. The nexthop code expects a 31-bit hash, such as the one returned by fibmultipathhash and rt6multipathhash. Passing a 32-bit hash returned by skbgethash can lead to issues, especially when th...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: All fields in the dumped nexthops structures need to be initialized. The struct nexthopgrp structure contains two reserved fields that are not initialized by nlaputnhgroup. These fields contain garbage values. This...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning The FRR team encountered a kernel warning1 while deleting routes2. This issue occurred when attempting to delete a route that points to a nexthop ID without specifying the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Fixed the issue of “use-after-free” in removenhgrpentry. When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer, and then immediately frees the removed entry’s percpu sta...
SUSE CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
CVE-2026-43374
A flaw was found in the Linux kernel's networking net: nexthop component. When a nexthop is removed from a group, the system prematurely frees per-CPU percpu statistics memory. This timing issue allows other parts of the kernel that are still referencing the old group to access and potentially...
EUVD-2026-28680
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
UBUNTU-CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
CVE-2026-43374
Summary: CVE-2026-43374 affects the Linux kernel networking code (net: nexthop). The vuln arises when removing a nexthop from a group: remove_nh_grp_entry() publishes the new group via rcu_assign_pointer() and then immediately frees the removed entry’s percpu stats with free_percpu(), while the s...
CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
Linux Distros Unpatched Vulnerability : CVE-2026-43374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer...
PT-2026-39035
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the remove nh grp entry function. The system publishes a new group using rcu assign pointer and immediately frees the removed...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: seg6: Fixed validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not exceed the specified limit. This could lead to the kernel reading uninitialized memory if the use...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Release the next-hop information upon removing a device. The CI is experiencing some non-periodic hangs during device removal in the pmtu.sh self-test: unregisternetdevice: Waiting for vethA-R1 to become available. Usage...