CVE-2026-43343

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix unbalanced refcnt in gethfree gethalloc increments the reference count, but gethfree fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

A flaw was discovered in the ATA over Ethernet AoE driver within the Linux kernel. The aoecmdcfgpkts function improperly updates the refcnt field of the struct netdevice structure. A use-after-free condition may occur due to concurrent operations between the update of the refcnt and accesses...

UBUNTU-CVE-2026-23419

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

CVE-2026-23296

A flaw was found in the Linux kernel's SCSI core. A reference count leak, a type of resource management issue, occurs when tearing down a SCSI host due to an error in the tagsetrefcnt mechanism. This can cause the system to hang, leading to a Denial of Service DoS for the affected system...

UBUNTU-CVE-2026-23296

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagsetrefcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: 130120.652718 scsiallocsdev: Allocation failure during SCSI...

CVE-2026-23356 drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

CVE-2026-23296 scsi: core: Fix refcount leak for tagset_refcnt

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagsetrefcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: 130120.652718 scsiallocsdev: Allocation failure during SCSI...

Linux Distros Unpatched Vulnerability : CVE-2026-23296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: core: Fix refcount leak for tagsetrefcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call...

OPENSUSE-SU-2025:20172-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986876)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986876 advisory. In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst refcnt when egressing The egress tunnel code uses dstclone and...

EUVD-2025-2601

Malicious code in bioql PyPI...

CVE-2023-53489

CVE-2023-53489 affects the Linux kernel memory handling for UDP sockets with TX timestamps and zerocopy skbs. The issue is a memory leak: clones of skbs and their ubuf references can keep a socket refcnt and skb references in the error/clock path, causing leaked sk, sock and skb when close() is c...

CVE-2023-53443

CVE-2023-53443 affects the Linux kernel mfd Arizona driver. The root cause is a refcount leak in arizona_clk32k_enable() caused by using pm_runtime_get_sync(), which can increase the refcount even on error. The fix is to use pm_runtime_resume_and_get() to avoid leaking references. Impact per advi...

Linux Distros Unpatched Vulnerability : CVE-2022-50109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and...

UBUNTU-CVE-2022-49080

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace If mpolnew is allocated but not used in restart loop, mpolnew will be freed via mpolput before returning to the caller. But refcnt is not initialized yet, so mpolput could not...

CVE-2025-21652

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlangetiflink. syzbot presented an use-after-free report 0 regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If the linkwatch work is...

CVE-2025-21652

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlangetiflink. syzbot presented an use-after-free report 0 regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If the linkwatch work is...

CVE-2024-53095

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...

CVE-2024-53095

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...