26 matches found
RHEL 10 : kernel (RHSA-2026:25908)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25908 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...
CVE-2026-31469 virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false
In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005004)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005004 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21864)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21864 advisory. - In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we...
UBUNTU-CVE-2023-53836
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...
CVE-2023-53836
Summary of CVE-2023-53836 (Linux kernel): A race exists in the sockmap path (bpf/sockmap) where skb objects in the sk_psock_backlog can be referenced after userspace drains the skb, leading to a use-after-free when skb_dequeue() occurs after the skb has been freed. The published fixes add skb_get...
kernel: can: j1939: j1939_session_new(): fix skb reference counting
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990266)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990266 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989870)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989870 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra...
EUVD-2022-55028
Malicious code in bioql PyPI...
EUVD-2024-53293
Malicious code in bioql PyPI...
CLSA-2025-1747688581 kernel: Fix of 15 CVEs
media: uvcvideo: Fix double free in error path CVE-2024-57980 - vrf: use RCU protection in l3mdevl3out CVE-2025-21791 - geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 - ibmvnic: Don't reference skb after sending to VIOS CVE-2025-21855 - pfifotailenqueue: Drop new packet when...
DEBIAN-CVE-2020-36789
In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls cangetechoskb during a hardware IRQ which is often, but not always, the case, the 'WARNONinirq' in net/core/skbuff.cskbreleaseheadstate might...
CVE-2025-21855
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the txbytes stat was incremented by the length of the skb. It is invalid to access the skb memory after sending t...
Linux Distros Unpatched Vulnerability : CVE-2024-56645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an...
DEBIAN-CVE-2022-49198
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix crash due to tcptsortedanchor was initialized before release skb Got crash when doing pressure test of mptcp: =========================================================================== dstrelease: dst:ffffa06ce6e5c058...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: s390/iucv: The MSGPEEK flag causes a memory leak in iucvsockdestruct. Passing the MSGPEEK flag to skbrecvdatagram increments the skb-users refcount. However, iucvsockrecvmsg does not decrement the skb-users refcount at exit time...
CVE-2024-56645
CVE-2024-56645 affects the Linux kernel CAN j1939 implementation. The fix in j1939_session_new() adds an extra skb_get() for the initial skb to match j1939_session_skb_queue() and prevent skb refcount underflow. Connected advisories (Astra Linux, AlmaLinux errata, etc.) reiterate the same, confir...
CVE-2024-56645 can: j1939: j1939_session_new(): fix skb reference counting
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
AZL-55533 CVE-2024-53210 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...