net: rose: convert 'use' field to refcount_t

...

Linux Distros Unpatched Vulnerability : CVE-2025-39826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: rose: convert 'use' field to refcountt The 'use' field in struct roseneigh is used as a reference counter but lacks atomicity. This can lead to race...

AZL-67434 CVE-2025-39826 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcountt The 'use' field in struct roseneigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a roseneigh structure is freed while still being reference...

CVE-2025-39827

In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in roseneigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct roseneigh tracks references from rosenode structures, while the 'us...

CVE-2022-48858

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix a race on command flush flow Fix a refcount use after free warning due to a race on command entry. Such race occurs when one of the commands releases its last refcount and frees its index and entry while another...

CVE-2024-40958

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

CVE-2024-40958 netns: Make get_net_ns() handle zero refcount net

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

CVE-2024-40958

CVE-2024-40958 relates to the Linux kernel: get_net_ns() may perform a refcount increment on a net namespace with zero refcount, triggering a use-after-free warning and potential kernel panic. The root cause is an addition on 0 refcount via get_net_ns(), surfaced during operations like netns swit...

CVE-2024-40958 netns: Make get_net_ns() handle zero refcount net

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

CVE-2024-38555 net/mlx5: Discard command completions in internal error

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

CVE-2021-47459

CVE-2021-47459 describes a use-after-free in the Linux kernel can: j1939: j1939_netdev_start() related to rx_kref of j1939_priv. The issue arises during j1939_sk_bind and netdev_start when rx_kref is accessed without proper synchronization. Public advisories indicate this is fixed by kernel updat...

CVE-2024-35932

A flaw was found in the vc4 module in the Linux kernel. In some conditions, an invalid check can cause an improper update of reference count, causing a use-after-free and resulting in a denial of service...

CVE-2024-35932

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...

CVE-2024-35932

CVE-2024-35932 affects the Linux kernel DRM VC4 driver. The issue is in non-blocking commits where the check plane->state->fb == state->fb is not reliably protected, causing potential refcount underflow across prepare_fb/cleanup_fb. The root cause is that drm_plane.state should not be ac...

CVE-2022-48695

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcountt: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28...

CVE-2022-48695

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcountt: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28...

CVE-2024-26958

A use-after-free flaw was found in fs/nfs/direct.c in the Linux kernel. This may lead to a crash...

CVE-2024-26958

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

CVE-2024-26958 nfs: fix UAF in direct writes

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

CVE-2024-26958

CVE-2024-26958 is a Linux kernel vulnerability in the NFS direct write path that could cause use-after-free (refcount underflow) when completing nfs_direct_request twice in a row. A patch fixes the double-completion scenario; the CVSS 3.1 base score is 7.8 (High) with Local attack and High impact...