CVE-2026-45887 af_unix: Fix memleak of newsk in unix_stream_connect().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

CVE-2026-45848 apparmor: fix NULL sock in aa_sock_file_perm

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aasockfileperm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unixneedsrevalidation shows...

CVE-2026-45848

The CVE-2026-45848 entry concerns the Linux kernel apparmor component, specifically aa_sock_file_perm. The vulnerability arises from handling when sock and sock-sk can be NULL during socket setup or teardown, which could lead to a NULL pointer dereference and an oops. The description notes this i...

UBUNTU-CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

CVE-2026-45846

CVE-2026-45846 : Linux kernel bareudp code fixes a NULL pointer dereference in bareudp_fill_metadata_dst(), which passes bareudp->sock to udp_tunnel6_dst_lookup() without a NULL check. The socket is created in bareudp_open() and cleared in bareudp_stop(); calling the path while the device is d...

EUVD-2026-32172

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

SUSE CVE-2026-7374

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

SUSE CVE-2026-45834

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

SUSE CVE-2026-45836

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the OpenVPN TCP transmission process. When the socket is closed in the user space, the...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking for sock and sock-sk pointers in unixneedsrevalidation, potentially leading to nul...

PT-2026-43785

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sk socket member after tcp close When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further...

PT-2026-43796

In the Linux kernel, the following vulnerability has been resolved: ovpn: fix possible use-after-free in ovpn net xmit When building the skb list in ovpn net xmit, skb share check will free the original skb if it is shared. The current implementation continues to use the stale skb pointer for...

PT-2026-43833

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unix needs revalidation When receiving file descriptors via SCM RIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL point...

PT-2026-43753

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf xdp store bytes proto for read-only arg While making some maps in Cilium read-only from the BPF side, we noticed that the bpf xdp store bytes proto is incorrect. In particular, the verifier was throwing the following...

UBUNTU-CVE-2026-45966

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AppArmor module failing to handle cases where sock and sock-sk might be NULL during socket...

PT-2026-44122

Name of the Vulnerable Software and Affected Versions Microsoft UFO version 3.0.1-4-ge2626659 Description Microsoft UFO is an open-source framework for intelligent automation across devices and platforms. The software accepts client-supplied session id values in WebSocket task messages and reuses...

CVE-2026-45887

afunix: Fix memleak of newsk in unixstreamconnect...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of socket-level IV buffers in asynchronous AEAD requests within algifaead. This can lead ...