Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Do not leak netobj memory when gssreadproxyverf fails...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013691)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013691 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails Tenable has extracted the preceding...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011065)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011065 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails Tenable has extracted the preceding...

SUSE-SU-2026:21056-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21005-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf bsc1256780. - CVE-2026-22999: net/sched: schqfq: do not fre...

AZL-74628 CVE-2025-71120 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

CVE-2025-71120 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

CVE-2022-50821

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails Mitigation To mitigate this issue, prevent module sunrpc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to...

SUSE CVE-2022-50821

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails...

PT-2026-2881

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the SUNRPC component, specifically in the svcauth gss function related to handling zero-length gss token values during the gss read proxy verf...