72 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: fixed a refcount bug in skpsockget2. Syzkaller reported the refcount bug as follows: ------------ cut here ------------ refcountt: saturated; memory was leaking. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sock: The protection check for psock vs. ULP needs to be reimplemented. Commit 8a59f9d1e3d4 “sock: Introduce sk-skprot-psockupdateskprot” has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function....
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: kcm: An annotate data-race around kcm-rxpsock has been fixed. kcm-rxpsock can now be read without a lock in kcmrfree. The read and write operations have been adjusted accordingly. The same approach is used for kcm-rxwait in th...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: sockmap: Avoid a race condition between sockmapclose and skpsockput. skpsockget will return NULL if the reference count of psock reaches 0, which will happen when the last call to skpsockput is completed. However, skpsockdrop may...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the context of tlsswrecvmsg, we take a reference to psock after locking it with rxlock, in order to avoid a leak. However, if this operation fails, we return directly without releasing the reference. Instead of creating a new...
CVE-2026-43016
In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...
CVE-2026-43016 bpf: sockmap: Fix use-after-free of sk->sk_socket in sk_psock_verdict_data_ready().
In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...
CVE-2026-43016
In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...
EUVD-2026-26615
In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013859)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013859 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011212)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011212 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007605 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree...
PT-2026-36433
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the sk psock verdict data ready function. The problem occurs in unix stream sendmsg when the peer socket's sk data ready is calle...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending messages. The sk-sksocket is not locked or referenced in the backlog thread. During the call to skbsendsock, there is a race condition involving the release of sksocket...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993264)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993264 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree...
EUVD-2023-60160
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...
CVE-2023-53836
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...
EUVD-2022-54472
In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 "sock: Introduce sk-skprot-psockupdateskprot" has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function. I'm guessing that this was...
EUVD-2022-55259
Malicious code in bioql PyPI...
EUVD-2025-26752
Malicious code in bioql PyPI...