Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Bonding: Fix for xfrm realdev null pointer dereference We should not set realdev to NULL, because packets may still be in transit, and xfrm might call xdodevoffloadok in parallel. All callbacks assume that realdev is set. Example...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988683 advisory. In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986952)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986952 advisory. In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in...

EUVD-2022-54839

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-47555

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in...

kernel: bonding: fix xfrm real_dev null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

CVE-2022-49390

In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev Create a new macsec device but not get reference to realdev. That can not ensure that realdev is freed after macsec. That will trigger the UAF bug for realdev as following:...

CVE-2022-49390

In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev Create a new macsec device but not get reference to realdev. That can not ensure that realdev is freed after macsec. That will trigger the UAF bug for realdev as following:...

CentOS 9 : kernel-5.14.0-511.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-511.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: pipe: wakeup wrwait after setting maxusage Commit c73be61cede5 pipe...

CVE-2024-44989 bonding: fix xfrm real_dev null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

CVE-2024-44989 bonding: fix xfrm real_dev null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

CVE-2024-44989 bonding: fix xfrm real_dev null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

CVE-2024-44989

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

CVE-2021-47555 net: vlan: fix underflow for the real_dev refcnt

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...

GSD-2022-1002992 macsec: fix UAF bug for real_dev

macsec: fix UAF bug for realdev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit 78933cbc143b82d02330e00900d2fd08f2682f4e, it...

GSD-2022-1002648 macsec: fix UAF bug for real_dev

macsec: fix UAF bug for realdev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit d130282179aa6051449ac8f8df1115769998a665, it w...