SUSE CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

DEBIAN-CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

EUVD-2026-25562

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

CVE-2026-31669

The CVE-2026-31669 entry pertains to the Linux kernel MPTCP code. A use-after-free could occur in IPv6 subflow sockets due to premature copying of tcpv6_prot into tcpv6_prot_override during early init, before proto_register(&tcpv6_prot) and its SLAB_TYPESAFE_BY_RCU cache is established. Consequen...

CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

CVE-2026-31669 mptcp: fix slab-use-after-free in __inet_lookup_established

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013029)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013029 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the...

EUVD-2025-201637

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

SubprotocolRegistry accepts empty string as protocol name

Lines of code Vulnerability details Impact The input sanitization statements in SubprotocolRegistry.sol's register function are: function register bool ordered, bool primary, bool active, address nftAddress, string calldata name, uint96 fee external // ... if !ordered || primary || active revert...

Mozilla Firefox Spoofing Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 63. A remote attacker can exploit the vulnerability to forge the contents of the protocol registration notification bar...

kernel: netns vs proto registration ordering

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

kernel: netns vs proto registration ordering

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...