Linux Distros Unpatched Vulnerability : CVE-2025-68227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets...

ALSA-2025:23279 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process CVE-2025-39984 For more details about the...

CVE-2025-66004

A local path traversal vulnerability in usbmuxd allows unprivileged users to send crafted messages to its world-writable UNIX socket, causing the daemon to create or delete files as the usbmux user. Due to insufficient validation of the PairRecordID field, attackers can escape the intended...

PT-2025-51206

LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...

PT-2025-50876

GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. do not validate origins in WebSockets. If a user accesses a crafted page, Chat information sent to the user may be exposed...

CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

CVE-2023-53781

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcpwritetimerhandler. With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcpwritetimerhandler by kernel TCP sockets. 0 If SMC creates a kernel socket in smccreate, the kernel...

CVE-2023-53802

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htchst: free skb in ath9khtcrxmsg if there is no callback function It is stated that ath9khtcrxmsg either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...

SUSE CVE-2022-50676

In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting lockdep warning at rdstcpresetcallbacks 1, for commit ac3615e7f3cffe2a "RDS: TCP: Reduce code duplication in rdstcpresetcallbacks"...

SUSE CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

SUSE CVE-2023-53825

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...

SUSE CVE-2023-53839

In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the socket. Same thing in dodccpgetsockopt. Add READONCE/WRITEONCE annotations, and change dccpsendmsg to check again dccpsmsscache aft...

kernel: net/sched: act_ct: fix skb leak and crash on ooo frags

A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user...

Linux Distros Unpatched Vulnerability : CVE-2023-53809

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive...

EUVD-2023-60160

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

EUVD-2023-60157

In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the socket. Same thing in dodccpgetsockopt. Add READONCE/WRITEONCE annotations, and change dccpsendmsg to check again dccpsmsscache aft...

EUVD-2022-55729

In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting lockdep warning at rdstcpresetcallbacks 1, for commit ac3615e7f3cffe2a "RDS: TCP: Reduce code duplication in rdstcpresetcallbacks"...

DEBIAN-CVE-2023-53831

In the Linux kernel, the following vulnerability has been resolved: net: read sk-skfamily once in skmcloop syzbot is playing with IPV6ADDRFORM quite a lot these days, and managed to hit the WARNONONCE1 in skmcloop We have many more similar issues to fix. WARNING: CPU: 1 PID: 1593 at...

DEBIAN-CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

DEBIAN-CVE-2023-53825

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...