59 matches found
EUVD-2021-17193
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414426)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414426 advisory. The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state. Tenable has extracted the precedi...
EUVD-2022-33328
Malicious code in bioql PyPI...
EUVD-2025-11211
Malicious code in bioql PyPI...
UBUNTU-CVE-2023-53426
In the Linux kernel, the following vulnerability has been resolved: xsk: Fix xskdiag use-after-free error during socket cleanup Fix a use-after-free error that is possible if the xskdiag interface is used after the socket has been unbound from the device. This can happen either due to the socket...
PT-2025-41786
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the crypto/af alg module where concurrent writes to the same af alg socket can lead to data interleaving and inconsistencies in the internal socket...
CVE-2025-38552 mptcp: plug races between subflow fail and subflow creation
In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...
CVE-2025-38552
CVE-2025-38552 concerns the Linux kernel and addresses a race in MPTCP where subflow creation and subflow failure can collide. The issue arises from a race between a subflow failing and the creation of an additional subflow, which could lead to inconsistent socket state if not synchronized. The f...
nvmet-tcp: don't restore null sk_state_change
...
PT-2025-33599
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to multi-path TCP MPTCP where a race condition can occur between subflow failure and subflow creation. This issue is similar to a previously...
SUSE CVE-2025-38035
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...
CVE-2021-30262
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start
...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to reset skstate to CLOSED in the sctp subsystem upon an auto-bind failure, which could result i...
kernel: vsock: remove vsock from connected table when connect is interrupted by a signal
A vulnerability was found in the Linux kernel's vsock subsystem's vsockstreamconnect function where improper handling of the socket state can lead to the connected table's list being corrupted. This occurs when a signal interrupt occurs and resets the socket's state without removing it from the...
Unbreakable Enterprise kernel security update
5.15.0-210.163.7 - crypto: qat - specify firmware files for 402xx Giovanni Cabiddu Orabug: 37030280 5.15.0-210.163.6 - Revert 'Fix userfaultfdapi to return EINVAL as expected' Vijayendra Suman Orabug: 37004422 5.15.0-210.163.5 - Revert 'bpf: Allow reads from uninit stack' Vijayendra Suman Orabug:...
CVE-2024-36484
In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm: syz-executor510 Not tainted...
CVE-2024-36484
In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm: syz-executor510 Not tainted...
CVE-2024-36484
In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm: syz-executor510 Not tainted...
CVE-2024-36484
CVE-2024-36484 is a Linux kernel vulnerability where the socket acceptance check was relaxed at accept time (net/ipv4/af_inet.c). The issue can arise when a process shuts down a listener before it enters accept, causing the child to reach accept() in FIN_WAIT1 status after the commit “tcp: defer ...