18 matches found
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007028)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007028 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the s...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007249)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007249 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the s...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006722)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006722 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the s...
kernel: ip6_vti: fix slab-use-after-free in decode_session6
A use-after-free vulnerability was found in the IPv6 VTI Virtual Tunnel Interface implementation in the Linux kernel. When an IPv6 VTI device uses the SFB Stochastic Fair Blue qdisc, the control block cb field of an skb can be modified during packet enqueuing. The decodesession6 function then rea...
K000160130: Linux kernel vulnerability CVE-2022-50356
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992859)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992859 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, ...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992179)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992179 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, ...
SUSE CVE-2023-53821
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
EUVD-2023-60175
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
DEBIAN-CVE-2023-53821
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
UBUNTU-CVE-2023-53821
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
CVE-2023-53821 ip6_vti: fix slab-use-after-free in decode_session6
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
EUVD-2023-60049
Nagios Log Server versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Create User function. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-53559
In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...
SUSE CVE-2023-53500
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when the xfrm device sen...
SUSE CVE-2022-50356
In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...
DEBIAN-CVE-2022-50356
In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...
CVE-2022-50356
In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...