505 matches found
net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS
...
SUSE CVE-2026-53274
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...
CVE-2026-53274
A flaw was found in the Linux kernel's net/smc component. A local unprivileged user can exploit a logic flaw, specifically a 'sleep-inside-lock' issue within the smcsetsockopt function. By providing a specially crafted memory page, an attacker can cause the system to halt execution, leading to a...
CVE-2026-53274
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...
UBUNTU-CVE-2026-53274
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...
CVE-2026-53274
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...
CVE-2026-53274
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...
CVE-2026-53274 net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...
PT-2026-52369
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A logic flaw in the smc setsockopt function allows a local unprivileged user to cause a Denial of Service DoS. The issue occurs because the function calls copy from sockptr while holding...
Astra Linux – Vulnerability in Linux, Linux 5.10
A vulnerability, classified as problematic, was discovered in the Linux kernel. This vulnerability affects the tcpgetsockopt/tcpsetsockopt functions of the TCP Handler component. Manipulation of these functions can lead to a race condition. It is recommended that a patch be applied to address thi...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fixed a UAF in j1939skmatchfilter during setsockoptSOJ1939FILTER. Locked jsk-sk to prevent UAF when setsockopt..., SOJ1939FILTER, ... modifies jsk-filters while receiving packets. The following issue was observed on t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xsk: Validated user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Ensure that the @optlen parameter of setsockopt is validated. 1 BUG: KASAN: Out-of-bounds access in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: SCO: Fixed issue where user input is not validated before calling setockopt. The syzbot reported that scosocksetsockopt copies data without checking the length of the user input. BUG: KASAN: Out-of-bounds access in...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed an issue where user input was not validated. The length of user input was checked before data was copied...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: Validates user input to ensure it is of the expected length. I received multiple syzbot reports indicating that old bugs were exposed due to BPF after the commit 20f2505fb436 “bpf: Try to avoid kzalloc in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: removal of support for TCPULP setsockopt TCPULP setsockopt cannot be used for mptcp because it is already used internally to access subflow tcp sockets at the mptcp level. The syzbot was able to cause a crash in mptcp...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/rose: integer overflows can occur when using rosesetsockopt with potentially excessively large arguments, along with additional values being applied to them. To mitigate this issue, perform the following actions as a minimum...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bonding: fix missed rcu protection When removing the rcureadlock in bondethtoolgettsinfo as discussed 1, I didn't notice it could be called via setsockopt, which doesn't hold rcu lock, as syzbot pointed: stack backtrace: CPU: 0...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013483)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013483 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smcsetsockopt and...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010734)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010734 advisory. A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler...