Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: eventfs: Use listdelrcu for SRCU protected list variable Chi Zhiling reported: We found a null pointer accessing in tracefs1, the reason is that the variable 'eichild' is set to LISTPOISON1, that means the list was removed in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pfcp: The device is destroyed along with the udp socket’s netns structure. The pfcpnewlink function links the device to a specific list in devnetdev, rather than to net, where an udp tunnel socket is created. Even when net is...

SUSE CVE-2025-40343

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls and then nvmetdisableport. Both functions will eventuall...

UBUNTU-CVE-2025-38588

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...

Linux Distros Unpatched Vulnerability : CVE-2025-21823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors reachable over an interface. Some of the used...

SUSE CVE-2025-21823

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need to sleep. This sleep...

CVE-2025-21823

CVE-2025-21823 relates to the Batman-adv (batman-adv) Linux kernel module. The root cause was the ELP metric worker per interface, which could sleep while iterating over neighbors under an RCU list, creating a race that could lead to invalid memory access if the worker was canceled or if interfac...

CVE-2025-21823 batman-adv: Drop unmanaged ELP metric worker

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need to sleep. This sleep...

CVE-2025-21664 dm thin: make get_first_thin use rcu-safe list first function

In the Linux kernel, the following vulnerability has been resolved: dm thin: make getfirstthin use rcu-safe list first function The documentation in rculist.h explains the absence of listemptyrcu and cautions programmers against relying on a listempty - listfirst sequence in RCU safe code. This i...

CVE-2024-53047 mptcp: init: protect sched with rcu_read_lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcureadlock Enabling CONFIGPROVERCULIST with its dependence CONFIGRCUEXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc...

CVE-2024-39503 netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...

CVE-2024-39503 netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...

CVE-2024-39503

CVE-2024-39503 : Linux kernel netfilter ipset race in the list:set type (namespace cleanup vs. gc) has a confirmed fix. The issue was a race that could cause use-after-free by GC data being accessed after the set is destroyed. The patch changes destruction order: when destroying all sets, first r...