Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger a lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in notifiers is problematic, so we skip adding the lapbeth...

Astra Linux - уязвимость в linux-5.10

A double-free flaw was discovered in the Linux kernel’s TUN/TAP device driver functionality, particularly in how a user registers the device when the registernetdevice function fails with the NETDEVREGISTER notifier. This flaw allows a local user to crash the system or potentially escalate their...

UBUNTU-CVE-2026-23209

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...

CVE-2026-23209

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...

CVE-2026-23209

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...

CVE-2026-23209

CVE-2026-23209 is a Linux kernel macvlan bug. The issue occurs in macvlan when creating a new link with MACVLAN_MODE_SOURCE and MACVLAN_MACADDR_ADD/SET and the lower device already has a macvlan port, causing a use-after-free after a failed register_netdevice() in the create path. Upstream kernel...

EUVD-2025-29058

Malicious code in bioql PyPI...

CVE-2022-50290

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix memory leak in ieee80211ifadd When registernetdevice failed in ieee80211ifadd, ndev-tstats isn't released. Fix it...

CVE-2022-50290

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-39796

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...

SUSE CVE-2025-39796

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...

CVE-2025-39796

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...

UBUNTU-CVE-2025-39796

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...

CVE-2025-39796 net: lapbether: ignore ops-locked netdevs

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...

CVE-2025-39796 net: lapbether: ignore ops-locked netdevs

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...

UBUNTU-CVE-2022-49853

In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlancommonnewlink kmemleak reports memory leaks in macvlancommonnewlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add kmemleak reports: unreferenced object...

DEBIAN-CVE-2025-22116

In the Linux kernel, the following vulnerability has been resolved: idpf: check error for registernetdev on init Current init logic ignores the error code from registernetdev, which will cause WARNON on attempt to unregister it, if there was one, and there is no info for the user that the creatio...

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already called by registernetdevice if something goes wrong. Alternative would be to make ipip6devfree robust against multiple invocations, but...

SUSE CVE-2022-4744

A double-free flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: tun: avoid double free in tun_free_netdev

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...