Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places where qla4xxx parses nlattrs: - qla4xxxsetchapentry - qla4xxxifacesetparam - qla4xxxsysfsddbsetparam Each of these functions converts nlattr to a specifi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010886)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010886 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput...

SUSE CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31428

CVE-2026-31428 — In the Linux kernel, nfnetlink_log’s __build_packet_message() previously built NFULA_PAYLOAD attributes manually via skb_put()/skb_copy_bits(), bypassing nla_reserve()/nla_put(). This caused trailing padding to remain uninitialized, leaking stale heap data to userspace over NFLOG...

PT-2026-32354

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter nfnetlink log component allows the leak of stale heap contents to userspace via the NFLOG netlink socket. The function build packet message manually constructs th...

CVE-2026-33995

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c can cause a crash in any FreeRDP clients on systems where...

CVE-2026-33995

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c can cause a crash in any FreeRDP clients on systems where...

CVE-2025-71096

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

CVE-2025-71096 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

PT-2026-29141

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.2 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A double-free issue exists in the kerberos AcceptSecurityContext and kerberos InitializeSecurityContextA functions WinPR,...

EUVD-2022-55700

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...

UBUNTU-CVE-2022-50656

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-42283)

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthopgrp contains two reserved fields that are not initialized by nlaputnhgroup, and carry garbage. This can be observed e.g. with strace edited for clarity: ip...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987615 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch...

CVE-2023-53369 net: dcb: choose correct policy to parse DCB_ATTR_BCN

In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCBATTRBCN The dcbnlbcnsetcfg uses erroneous policy to parse tbDCBATTRBCN, which is introduced in commit 859ee3c43812 "DCB: Add support for DCB BCN". Please see the comment in below code...

kernel: nbd: null check for nla_nest_start

In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nlaneststart The Linux kernel CVE team has assigned CVE-2024-27025 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27025-babd@gregkh/T...

Vulnerability of the nla_put_notification_header() function in the drivers/block/drbd/drbd_nl.c module – This driver is part of the Linux kernel’s block device support mechanism. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the nlaputnotificationheader function in the drivers/block/drbd/drbdnl.c module – The Linux block device support driver is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

The vulnerabilities of the functions nla_alloc_flow_actions() and ovs_nla_free_set_action() in the net_openvswitch/flow_netlink.c module of the Linux kernel allow a attacker to cause a service failure.

The vulnerabilities of the functions nlaallocflowactions and ovsnlafreesetaction in the netopenvswitch/flownetlink.c module of the Linux kernel are related to memory leaks. Exploiting these vulnerabilities could allow an attacker to cause a service failure...

kernel: nbd: null check for nla_nest_start

In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nlaneststart The Linux kernel CVE team has assigned CVE-2024-27025 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27025-babd@gregkh/T...