13 matches found
SUSE CVE-2026-46086
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by fdbdeletelocal, which updates f-dst to another port or to NULL while keeping the entry alive. Several bridge RCU readers...
CVE-2026-46086
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by fdbdeletelocal, which updates f-dst to another port or to NULL while keeping the entry alive. Several bridge RCU readers...
CVE-2026-46086
The CVE-2026-46086 issue affects the Linux kernel’s bridge FDB code. Local FDB entries could be rewritten in place by fdb_delete_local(), changing f->dst to another port or NULL while entries remain alive. Several bridge RCU readers (e.g., br_fdb_fillbuf() via brforward_read()) may observe f-&...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: Defer the release of memory until after the rcu readers have finished their operations. Yiming Qian reported a UaF issue when a concurrent process was dumping hooks via nfnetlinkhooks. Bug: KASAN: A...
CVE-2026-43091
In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...
SUSE CVE-2026-23412
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...
EUVD-2026-18190
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...
UBUNTU-CVE-2026-23412
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...
CVE-2026-23412
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ipv6: preventing infinite loops in rt6nlmsgsize During testing of the previous patch, I was able to trigger an infinite loop in rt6nlmsgsize at the following location: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...
EUVD-2025-27917
Malicious code in bioql PyPI...
SUSE CVE-2025-38588
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...
DEBIAN-CVE-2025-38588
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...