11 matches found
CVE-2026-45918 ovpn: tcp - don't deref NULL sk_socket member after tcp_close()
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003160)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003160 advisory. In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor,...
CVE-2025-71086
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...
UBUNTU-CVE-2025-71086
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...
CVE-2025-71086
Technical details for CVE-2025-71086 are not publicly available in the provided documents. Monitor for updates from official advisories; the initial description mentions a Linux kernel fix in net rose_kill_by_device but no product/version specifics are provided here.
CVE-2025-71086
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...
CVE-2025-71086 net: rose: fix invalid array index in rose_kill_by_device()
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...
PT-2026-2607
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The rose kill by device function in the Linux kernel incorrectly indexes an array, potentially leading to an out-of-bounds read or an invalid socket pointer dereference. The function...
kernel: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport
In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...
DEBIAN-CVE-2024-56688
In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...