413 matches found
CVE-2026-31774
The CVE-2026-31774 issue affects the Linux kernel io_uring/net path. A 32-bit length value (sqe->len) is stored into sr->len (int), allowing values above INT_MAX (e.g., 0xFFFFFFFF) to overflow and propagate through the bundle recv/send path. This can cause a slab-out-of-bounds read in io_bu...
CVE-2026-31608 smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smbdirectfreesendmsg after smbdirectflushsendlist smbdirectflushsendlist already calls smbdirectfreesendmsg, so we should not call it again after postsendmsg moved it to the batch list...
CVE-2026-31608
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smbdirectfreesendmsg after smbdirectflushsendlist smbdirectflushsendlist already calls smbdirectfreesendmsg, so we should not call it again after postsendmsg moved it to the batch list...
CVE-2026-31608
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smbdirectfreesendmsg after smbdirectflushsendlist smbdirectflushsendlist already calls smbdirectfreesendmsg, so we should not call it again after postsendmsg moved it to the batch list...
CVE-2026-31608
CVE-2026-31608 affects the Linux kernel SMB server. The issue is a double-free in smb_direct_free_sendmsg when invoked after smb_direct_flush_send_list(); smb_direct_flush_send_list() already calls smb_direct_free_sendmsg(), so a second call after post_sendmsg() is incorrect. The fix moves the ca...
PT-2026-34379
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotp sendmsg isotp sendmsg uses only cmpxchg on so-tx.state to serialize access to so-tx.buf. isotp release waits for ISOTP IDLE via wait event interruptible and then calls kfreeso-tx.buf...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013859)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013859 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013556)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013556 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007015)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007015 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 Whe...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011274)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011274 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013322)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013322 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full If tcpbpfsendmsg is running while...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013382)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013382 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007617 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006704)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006704 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 Whe...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005806 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendms...
CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...
CVE-2026-25598
The CVE-2026-25598 issue affects Harden-Runner (GitHub Actions Community Tier) prior to version 2.14.2. The root cause is that outbound traffic using socket calls sendto, sendmsg, and sendmmsg could bypass audit logging when egress-policy is set to audit, enabling potential evasion of monitoring....
CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...
CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...
GHSA-CPMJ-H4F6-R6PQ Harden-Runner: Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)
Summary A security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffic using the sendto, sendmsg, and sendmmsg socket system calls can bypass detection and logging when...