5 matches found
CVE-2026-53212
CVE-2026-53212 affects the Linux kernel’s netfilter nft_tunnel subsystem. The vulnerability arises in nft_tunnel_obj_destroy(), which calls metadata_dst_free() to free a metadata_dst directly with kfree(), bypassing the dst_entry reference counting. Packets that hold a dst reference via dst_hold(...
CVE-2026-53212
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix use-after-free on object destroy nft_tunnel_obj_destroy() calls metadata_dst_free() which directly kfree()s the metadata_dst, ignoring the dst_entry refcount. Packets that took a reference via dst_hold() in...
CVE-2022-50860 apparmor: Fix memleak in alloc_ns()
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in alloc_ns() After changes in commit a1bd627b46d1 ("apparmor: share profile name on replacement"), the hname member of struct aa_policy is not a valid slab object, but a subset of that, it can not be freed by...
CVE-2023-53795 iommufd: IOMMUFD_DESTROY should not increase the refcount
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFD_DESTROY should not increase the refcount syzkaller found a race where IOMMUFD_DESTROY increments the refcount: obj = iommufd_get_object(ucmd->ictx, cmd->id, IOMMUFD_OBJ_ANY); if (IS_ERR(obj)) return PTR_ERR(obj);...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987203)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987203 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memory leak during stateful obj update stateful objects can be updated...