12 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed an issue involving an untrusted unsigned subtraction operation. The following warnings from the “SMatch static checker” have also been fixed: net/rxrpc/rxgkapp.c:65 rxgkyfsdecodeticket Warning: Untrusted unsigned...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450. Special Instructions and Notes: Plea...
DEBIAN-CVE-2026-31635
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgkverifyresponse decodes authlen from the packet and is supposed to verify that it fits in the remaining bytes. The existing check is inverted, so oversized RESPONSE...
CVE-2026-31636 rxrpc: fix RESPONSE authenticator parser OOB read
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator. Since p is a be32 , that inflate...
PT-2026-34992
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpc post response, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...
RHEL 9 : kernel (RHSA-2026:10108)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10108 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible...
UBUNTU-CVE-2026-23066
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...
CVE-2025-38525
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...
PT-2025-33568
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to interrupt handling within the rxrpc subsystem. Specifically, the rxrpc assess MTU size function, called from rxrpc new incoming call, can...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc1238982...
CVE-2022-49149 rxrpc: Fix call timer start racing with call destruction
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start racing with call destruction The rxrpccall struct has a timer used to handle various timed events relating to a call. This timer can get started from the packet input routines that are run in softirq...
CLSA-2024-1727817133 Fix of 74 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6appenddata CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the...