69 matches found
CVE-2026-23330
Summary: CVE-2026-23330 affects the Linux kernel NFC/NCI subsystem. The issue arises in nci_close_device() where pending data exchanges may not be completed before closing, allowing a leaking unreferenced socket object (example: 0xff1100000f435000, size 2048) and associated references. This could...
kernel: mptcp: fix race condition in mptcp_schedule_work()
A race in mptcpschedulework could lead to a use-after-free: the function queued work and only then acquired a reference to the socket. If the worker ran to completion immediately, the subsequent sockhold operated on a freed object. Impact ranges from kernel crash DoS to potential privilege...
kernel: mptcp: fix race condition in mptcp_schedule_work()
A race in mptcpschedulework could lead to a use-after-free: the function queued work and only then acquired a reference to the socket. If the worker ran to completion immediately, the subsequent sockhold operated on a freed object. Impact ranges from kernel crash DoS to potential privilege...
kernel: mptcp: fix race condition in mptcp_schedule_work()
A race in mptcpschedulework could lead to a use-after-free: the function queued work and only then acquired a reference to the socket. If the worker ran to completion immediately, the subsequent sockhold operated on a freed object. Impact ranges from kernel crash DoS to potential privilege...
kernel: mptcp: fix race condition in mptcp_schedule_work()
A race in mptcpschedulework could lead to a use-after-free: the function queued work and only then acquired a reference to the socket. If the worker ran to completion immediately, the subsequent sockhold operated on a freed object. Impact ranges from kernel crash DoS to potential privilege...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992645 advisory. In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before...
UBUNTU-CVE-2025-40258
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcpschedulework syzbot reported use-after-free in mptcpschedulework 1 Issue here is that mptcpschedulework schedules a work, then gets a refcount on sk-skrefcnt if the work was scheduled. This...
CVE-2025-40258 mptcp: fix race condition in mptcp_schedule_work()
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcpschedulework syzbot reported use-after-free in mptcpschedulework 1 Issue here is that mptcpschedulework schedules a work, then gets a refcount on sk-skrefcnt if the work was scheduled. This...
EUVD-2025-9395
Malicious code in bioql PyPI...
EUVD-2022-55493
Malicious code in bioql PyPI...
UBUNTU-CVE-2023-53489
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
PT-2025-40144
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s iSCSI over TCP implementation. Specifically, a NULL pointer dereference can occur during socket access when freeing the socket concurrently with...
OESA-2025-2006 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, thi...
Linux Distros Unpatched Vulnerability : CVE-2025-38154
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or...
Linux Distros Unpatched Vulnerability : CVE-2024-41006
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nrheartbeatexpiry syzbot reported a memory leak in nrcreate 0...
SUSE CVE-2025-38154
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...
DEBIAN-CVE-2025-38154
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...
UBUNTU-CVE-2025-38154
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...
kernel: net: gso: fix ownership in __udp_gso_segment
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
SUSE CVE-2025-37894
In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...