CVE-2026-46158

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: always decrease sk refcount When an ADDADDR is retransmitted, the sk is held in skresettimer. It should then be released in all cases at the end. Some unlikely checks were returning directly instead of...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF A hung task trace was observed during LOGO processing. 974.309060 0000:00:00.0: qedfehdevicereset:868: 1:0:2:0: LUN RESET issued… 974.309065 0000:00:00.0:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: vlan: Fixed an issue where the refcount imbalance of VLAN 0 occurred during runtime, due to toggling filtering. Assuming the “rx-vlan-filter” feature is enabled on a network device, the 8021q module will automatically add...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The devtracker is added to ax25cb in ax25bind. When the ax25 device is detaching, the devtracker of ax25cb should be deallocated in ax25killbydevice instead of the devtracker of ax25dev. The log...

kernel: Linux kernel use-after-free in eventpoll

A flaw was found in the Linux kernel's eventpoll epoll mechanism. A local attacker could exploit a use-after-free vulnerability due to incorrect handling of the 'ep' refcount while the 'ep' mutex is still held. This can lead to memory corruption, potentially allowing the attacker to achieve...

CVE-2025-71152

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004013)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004013 advisory. The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, a...

UBUNTU-CVE-2025-68775

In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshakenet-hnrequests list, but it is still present in the handshakerhashtbl until it is destroyed. If a...

CVE-2025-68366

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

Linux Distros Unpatched Vulnerability : CVE-2022-50659

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989636)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989636 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989041)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989041 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmelnandcontrollerinit The reference counting issue...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988973 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubpro...

EUVD-2014-0206

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987245)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987245 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps It is possible that in between calling...

CVE-2023-53585

CVE-2023-53585 : In the Linux kernel, a bug in bpf_sk_assign could leak a refcount when a newly created unhashed UDP socket is bound after being added to a sockmap. The issue arises because bpf_sk_assign may be invoked in an RCU-critical section before the sk’s final state (SOCK_RCU_FREE) is appl...

EUVD-2022-39579

Malicious code in bioql PyPI...

EUVD-2025-11180

Malicious code in bioql PyPI...