Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was performing a socket lookup, taking a reference count of the socket. It w...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/handshake: fixed null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if the socket lookup fails. Additionally, we should call tracehandshakecmddoneerr before releasing the file; otherwise,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013208 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Cali...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37790)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37790 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCKRCUFREE Bind lookup...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989659 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Cali...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989402 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Cali...

Siemens SIMATIC Devices Improper Restriction of Communication Channel to Intended Endpoints (CVE-2024-35884)

In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx- udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various issues and...

SUSE CVE-2023-53686

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

CVE-2023-53686

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

UBUNTU-CVE-2023-53686

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

EUVD-2025-32731

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

CVE-2023-53686

CVE-2023-53686: Linux kernel vulnerability in net/handshake/netlink.c fix null-ptr-deref in handshake_nl_done_doit(); ensures trace_handshake_cmd_done_err() is not called if socket lookup fails and is invoked before releasing the file to avoid dereferencing sock->sk. Affects kernel networking ...

CVE-2023-53686 net/handshake: fix null-ptr-deref in handshake_nl_done_doit()

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

CVE-2023-53686 net/handshake: fix null-ptr-deref in handshake_nl_done_doit()

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

PT-2025-41130

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc7-syzkaller-gfe4469582053 Description The Linux kernel contains a flaw in the net/handshake/netlink.c component, specifically within the handshake nl done doit function. This issue can lead to a null...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-397062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-397062 advisory. In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfdlookup fails, gtpencapenablesocket retur...

CVE-2023-53585 bpf: reject unhashed sockets in bpf_sk_assign

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

SUSE CVE-2023-53496

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...

UBUNTU-CVE-2023-53496

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...

CVE-2025-37790

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCKRCUFREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup...