Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Handled attempts to delete multipath routes when fibinfo contains a reference to nh. Gwangun Jung reported a buffer overflow vulnerability in fibnhmatch: fibnhmatch+0xf98/0x1130, linux-6.0-rc7/net/ipv4/fibsemantics.c:961...

ipv4: Fix reference count leak when using error routes with nexthop objects

...

CVE-2025-71097 ipv4: Fix reference count leak when using error routes with nexthop objects

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fibtableflush is called to flush all the routes that are using the dead nexthop. The...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989258 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 whil...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects

...

CVE-2025-39850

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

CVE-2025-39850

CVE-2025-39850 affects the Linux kernel vxlan implementation. When the VXLAN device runs with the proxy option enabled, ARP/IPv6 Neighbor Solicitation can be spuriously suppressed if the remote host’s MAC is not behind the any remote. The root cause is dereferencing an FDB nexthop entry that may ...

UBUNTU-CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

CVE-2022-48999

CVE-2022-48999 concerns a Linux kernel issue in IPv4 multipath route deletion. The root cause is a slab-out-of-bounds read in fib_nh_match when deleting a route where fib_info references a nexthop while separate nexthop objects conflict with the legacy multipath spec. The workaround/fix implement...