UBUNTU-CVE-2025-39839

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadvncskbdecodepacket trusts codedlen and checks only against skb-len. XOR starts at sizeofstruct batadvunicastpacket, reducing payload headroom, and the source skb length...

UBUNTU-CVE-2025-39848

In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25kissrcv Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d "net: introduce per netns packet chains". skb-dev becomes NULL and we crash in netifreceiveskbcore. Before...

CVE-2025-39860

CVE-2025-39860 – Linux kernel Bluetooth UAF in l2cap_sock_cleanup_listen() . The vulnerability arises from a race between bt_accept_dequeue() and l2cap_sock_cleanup_listen() where a socket could be freed while another path still holds a reference. The root cause is a race in the l2cap_sock_cleanu...

CVE-2025-39860 Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2capsockcleanuplisten syzbot reported the splat below without a repro. In the splat, a single thread calling btacceptdequeue freed sk and touched it after that. The root cause would be the racy...

CVE-2025-39860 Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2capsockcleanuplisten syzbot reported the splat below without a repro. In the splat, a single thread calling btacceptdequeue freed sk and touched it after that. The root cause would be the racy...

CVE-2025-39852

CVE-2025-39852: Linux kernel TCP stack IPv6 TCP-AO path leaks memory when tcp_v6_syn_recv_sock() exits on error due to missing error-handling cleanup. The linked Astra/OpenSUSE advisories confirm the fix adds inet_csk_prepare_forced_close() and tcp_done() (as in the IPv4 path) to ensure the new s...

CVE-2025-39852 net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 When tcpaocopyallmatching fails in tcpv6synrecvsock it just exits the function. This ends up causing a memory-leak: unreferenced object 0xffff0000281a8200 size...

CVE-2025-39852 net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 When tcpaocopyallmatching fails in tcpv6synrecvsock it just exits the function. This ends up causing a memory-leak: unreferenced object 0xffff0000281a8200 size...

CVE-2025-39848

In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25kissrcv Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d "net: introduce per netns packet chains". skb-dev becomes NULL and we crash in netifreceiveskbcore. Before...

CVE-2025-39848

CVE-2025-39848 (Linux kernel) concerns ax25_kiss_rcv() potentially queuing/mangling input skbs when the skb is shared, leading to crashes in __netif_receive_skb_core() after a per-netns packet-chain change. The root cause is a lack of proper unsharing of skbs in ax25_kiss_rcv(), with a regression...

CVE-2025-39848 ax25: properly unshare skbs in ax25_kiss_rcv()

In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25kissrcv Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d "net: introduce per netns packet chains". skb-dev becomes NULL and we crash in netifreceiveskbcore. Before...

CVE-2025-39839 batman-adv: fix OOB read/write in network-coding decode

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadvncskbdecodepacket trusts codedlen and checks only against skb-len. XOR starts at sizeofstruct batadvunicastpacket, reducing payload headroom, and the source skb length...

USN-7758-4 linux-oracle-6.8 vulnerability

It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

USN-7758-3 linux-realtime vulnerability

It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

USN-7758-2 linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-raspi vulnerability

It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

Linux Distros Unpatched Vulnerability : CVE-2023-53426

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xsk: Fix xskdiag use-after-free error during socket cleanup Fix a use-after-free error that ...

Linux Distros Unpatched Vulnerability : CVE-2022-50409

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer dereference: ... 14.471200 Call Trace: 14.471562 14.471882...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to free an old skb when memory allocation fails in the padcompressskb function, which could lead...

SUSE CVE-2023-53383

In the Linux kernel, the following vulnerability has been resolved: irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 The T241 platform suffers from the T241-FABRIC-4 erratum which causes unexpected behavior in the GIC when multiple transactions are received simultaneously from different...

SUSE CVE-2023-53398

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix possible ptp queue fifo use-after-free Fifo indexes are not checked during pop operations and it leads to potential use-after-free when poping from empty queue. Such case was possible during re-sync action. WARNONONCE...