UBUNTU-CVE-2025-22077

In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 "smb: client: fix TCP timers deadlock after rmmod" is intended to fix a null-ptr-deref in...

SUSE CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

DEBIAN-CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

UBUNTU-CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

CVE-2025-21926 net: gso: fix ownership in __udp_gso_segment

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

CVE-2025-21926 net: gso: fix ownership in __udp_gso_segment

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

DEBIAN-CVE-2025-21683

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in the bpfskselectreuseport function that does not properly handle socket reference counts for...

CVE-2024-54680

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix TCP timers deadlock after rmmod Commit ef7134c7fc48 "smb: client: Fix use-after-free of network namespace." fixed a netns UAF by manually enabled socket refcounting sk-sknetrefcnt=1 and sockinuseaddnet, 1. The...

CVE-2024-54680

...

CVE-2024-54680

Summary: Astra Linux security bulletin links CVE-2024-54680 to a CIFS/SMB client issue in the Linux kernel related to TCP timer handling and netns lifetimes. The advisory states that a prior fix (“smb: client: fix TCP timers deadlock after rmmod”) was reverted, which inadvertently reintroduced a ...

CVE-2024-54680

...

CVE-2024-53095 smb: client: Fix use-after-free of network namespace.

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...

SUSE CVE-2024-46855

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: fix sk refcount leaks We must put 'sk' reference before returning...

AZL-49840 CVE-2024-46855 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: fix sk refcount leaks We must put 'sk' reference before returning...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a leak in the handling of sk reference counts...

CVE-2024-40954

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

CVE-2024-40954

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

DEBIAN-CVE-2021-47294

In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 "netrom: switch to sock timer API" switched to use sock timer API. It replaces modtimer by skresettimer, and deltimer by skstoptimer. Function skresettime...