627 matches found
CVE-2026-53078
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF socket operations sockops program. When a BPF sockops program accesses context fields with the same destination and source registers, certain macros fail to properly clear the destination register. This can lead to a...
EUVD-2026-39337
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...
CVE-2026-53223
CVE-2026-53223 (Linux kernel) resolves an issue in the net layer where skb_is_err_queue() treated PACKET_OUTGOING as the sole marker for error-queue skbs. This misclassification does not hold for AF_PACKET sockets, where outgoing taps can also be delivered to packet sockets with skb->pkt_type ...
EUVD-2026-39314
In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not true for AFPACKET sockets: outgoing packet taps are also delivered to...
EUVD-2026-38903
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix iter deadlock bpfiterunixseqshow may deadlock when locksockfast takes the fast path and the iter prog attempts to update a sockmap. Which ends up spinning at sockmapupdateelem's bhlocksock: WARNING:...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: tipc: Wait and exit until all work queues are completed On some hosts, a crash could occur simply by repeating these commands several times: bash modprobe tipc tipc bearer enable media udp name UDP1 localip 127.0.0.1 rmmod tipc T...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: gtp: Fixed a use-after-free in gtpencapdestroy. syzkaller reported a use-after-free in gtpencapdestroy. The same process freed “sk” and accessed it illegally. The commit e198987e7dd7 “gtp: fix suspicious RCU usage” added...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: BPF, sockmap: Do not allow sockmapclose,destroy,unhash to call itself. Proto callback functions in sockmap should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stac...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed issues related to locking and validity checks for isoconn. sk-skstate indicates whether isopisk-conn is valid. Operations that check or update skstate and access conn should hold locksock; otherwise, they...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. Therefore, the function must ensure...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed UAF in isosocktimeout The conn-sk might have been unlinked/freed while waiting for isoconnlock. Therefore, this check determines whether conn-sk is still valid by verifying that it is part of isosklist...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race conditions in socket write iteration and sock bind. There is a potential race condition between sock bind and socket write iteration. bind may free the same memory block via mgmtpending before the...
Astra Linux – Vulnerability in Linux
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before version 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If the sctpdestroysock function is called without using the socknetsk-sctp.addrwqlock lock, an element...
Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisock: Fixed an issue where user input was not validated. The length of user input was checked before copying data...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: llc: Calling sockorphan at the release time syzbot reported an interesting trace 1 caused by a stale pointer to sk-skwq in a closed llc socket. In the commit ff7b11aa481f "net: socket: setting sock-sk to NULL after calling...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Network layer: Do not leave a dangling “sk” pointer when socket creation fails. It is possible to trigger a use-after-free by: - Attaching a “fentry” probe to sockrelease and the probe that calls bpfgetsocketcookie; - Running...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: Use sockgenput when skstate is TCPTIMEWAIT. It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed data races related to sk-skshutdown. KCSAN identified a data race involving sk-skshutdown, where functions like unixreleasesock and unixshutdown update the variable under unixstatelock; additionally, unixpoll and...
CVE-2026-45601
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-42911
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...