Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpearlyretrans. When reading sysctltcpearlyretrans, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989386)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989386 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987148)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987148 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be...

SUSE CVE-2022-49573

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Thus, we need to add READONCE to its reader...

DEBIAN-CVE-2022-49573

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Thus, we need to add READONCE to its reader...

UBUNTU-CVE-2022-49573

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49573 tcp: Fix a data-race around sysctl_tcp_early_retrans.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Thus, we need to add READONCE to its reader...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2394)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : kernel:ACPI: CPPC: Use accesswidth over bitwidth for system memory accessesCVE-2024-35995 ACPI: LPIT: Avoid u32 multiplication...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2024-2070)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in twtimerhandler A real world panic issue was found a...

SUSE CVE-2022-48855

In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak 1 of 4 bytes. After analysis, it turned out r-idiagexpires is not initialized if inetsctpdiagfill calls inetdiagmsgcommonfill Make sure to clear...

DEBIAN-CVE-2022-48855

In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak 1 of 4 bytes. After analysis, it turned out r-idiagexpires is not initialized if inetsctpdiagfill calls inetdiagmsgcommonfill Make sure to clear...

CVE-2021-46952

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

CVE-2021-46952

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

CVE-2021-46952

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

DEBIAN-CVE-2021-46952

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

CVE-2021-46952

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

CVE-2021-46952

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

CVE-2021-46952 NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...

CVE-2021-46952

Summary (CVE-2021-46952): In the Linux kernel, NFS with UDP transport was vulnerable to a shift-out-of-bounds due to a garbage UDP retrans timeout being passed to xprt_calc_majortimeo. If retrans is >= 64, the mount fails with an error, preventing exploitation. The fix is a patch to validate U...