Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xfrm6: Check the return value of ip6dstidev in xfrm6getsaddr. ip6dstidev can return NULL, and xfrm6getsaddr must act accordingly. syzbot reported: Oops: General protection fault, likely due to a non-canonical address...

SUSE CVE-2026-43139

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

EUVD-2026-27698

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

CVE-2026-43139

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

CVE-2026-43139

The CVE-2026-43139 entry concerns the Linux kernel xfrm6 subsystem. The issue arises in xfrm6_get_saddr() which does not check the return value of ipv6_dev_get_saddr(); when ipv6_dev_get_saddr() fails with -EADDRNOTAVAIL, saddr->in6 remains uninitialized and xfrm6_get_saddr() incorrectly retur...

CVE-2026-43139

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

Linux Distros Unpatched Vulnerability : CVE-2026-43139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable...

PT-2026-37479

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The xfrm6 get saddr function fails to check the return value of ipv6 dev get saddr. If ipv6 dev get saddr cannot find a suitable source address and returns -EADDRNOTAVAIL, the saddr-in6...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-395462)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-395462 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr...

AZL-72575 CVE-2025-37961 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in dooutputroute4 syzbot reports for uninit-value for the saddr argument 1. commit 4754957f04f5 "ipvs: do not use random local source address for tunnels" already implies that the input value of...

UBUNTU-CVE-2025-37961

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in dooutputroute4 syzbot reports for uninit-value for the saddr argument 1. commit 4754957f04f5 "ipvs: do not use random local source address for tunnels" already implies that the input value of...

The vulnerability of the xfrm6_get_saddr() function in the xfrm6 component of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the xfrm6getsaddr function in the xfrm6 component of the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

SUSE CVE-2024-53043

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...

UBUNTU-CVE-2024-53043

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...

CVE-2024-53043

CVE-2024-53043 : Linux kernel vulnerability in mctp i2c handling NULL header address. The issue arises when daddr can be NULL if there is no neighbour table entry, in which case the tx packet should be dropped; saddr may be NULL if a different protocol transmits a packet. This could affect transm...

kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()

A vulnerability was found in the Linux kernel's IPv6 handling in the xfrm6getsaddr function, where the issue occurs when ip6dstidev returns NULL, leading to a null pointer dereference and resulting in a general protection fault...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check that TCPMETRICSATTRSADDRIPV4 is at least 4 bytes long when used in the tcpmetrics module...

DEBIAN-CVE-2024-40959

In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1...

UBUNTU-CVE-2024-40959

In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1...