Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: ipv4: fixed a issue where deleting routes with a nexthop object triggered a warning. The FRR team encountered a kernel warning1 while deleting routes2. This issue occurred when attempting to delete a route that pointed to...

SUSE CVE-2026-23004

In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist syzbot was able to crash the kernel in rt6uncachedlistflushdev in an interesting way 1 Crash happens in listdelinit/INITLISTHEAD while writing list-prev, while the prior...

EUVD-2026-4614

In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist syzbot was able to crash the kernel in rt6uncachedlistflushdev in an interesting way 1 Crash happens in listdelinit/INITLISTHEAD while writing list-prev, while the prior...

CVE-2025-68800

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989258 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 whil...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987640)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987640 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 whil...

EUVD-2022-55112

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

EUVD-2022-24580

Malicious code in bioql PyPI...

PT-2025-33786

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the rt6 nlmsg size function related to IPv6. A previous patch introduced an infinite loop under specific conditions when using list del rcu,...

SUSE CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

DEBIAN-CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

UBUNTU-CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

CVE-2022-49092 net: ipv4: fix route with nexthop object delete warning

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

CVE-2022-49092 net: ipv4: fix route with nexthop object delete warning

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...

CVE-2022-49092

CVE-2022-49092 concerns a Linux kernel net/ipv4 routing issue where deleting a route that points to a nexthop ID (without nhid) triggers a warning in fib_nh_match when a nexthop object is present. The root cause is a match operation on a fib_info with a nexthop object; the fix is to skip such mat...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unspecified nhid but matching interfaces when deleting a route pointing to a nexthop id, resulting in a...

CVE-2022-48999 ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference

In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fibinfo contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fibnhmatch: fibnhmatch+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fibsemantics.c:961...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: mctp: perform route lookups under a RCU read-side lock Our current route lookups mctproutelookup and mctproutelookupnull traverse the net's route list without the RCU read lock held. This means the route lookup is subject to...