CVE-2023-53312 net: fix net_dev_start_xmit trace event vs skb_transport_offset()

In the Linux kernel, the following vulnerability has been resolved: net: fix netdevstartxmit trace event vs skbtransportoffset After blamed commit, we must be more careful about using skbtransportoffset, as reminded us by syzbot: WARNING: CPU: 0 PID: 10 at include/linux/skbuff.h:2868...

CVE-2022-50350

The CVE-2022-50350 issue affects the Linux kernel’s iSCSI target login path. A race between login_work and the login thread can occur when a malicious initiator sends data immediately after a login PDU. If LOGIN_FLAGS_INITIAL_PDU isn’t cleared due to no further PDU exchanges, the login_work threa...

CVE-2022-50350 scsi: target: iscsi: Fix a race condition between login_work and the login thread

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between loginwork and the login thread In case a malicious initiator sends some random data immediately after a login PDU; the iscsitargetskdataready callback will schedule the loginwork...

Linux Distros Unpatched Vulnerability : CVE-2023-53186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 skbuff: fix...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a corrupted SKB in the REO target ring, which could lead to memory corruption and a system crash...

PT-2025-41786

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the crypto/af alg module where concurrent writes to the same af alg socket can lead to data interleaving and inconsistencies in the internal socket...

Linux Distros Unpatched Vulnerability : CVE-2023-53198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - raw: Fix NULL deref in rawgetnext. Dae R. Jeong reported a NULL deref in rawgetnext 0. It seems that the repro was running these sequences in parallel so that o...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value CVE-2022-50327 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps CVE-2024-49861 In the Linux...

SUSE CVE-2022-50291

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. We do the same for kcm-rxwait in the following patch. syzbot reported: BUG: KCSAN: data-race in...

SUSE CVE-2022-50321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmfnetdevstartxmit The brcmfnetdevstartxmit returns NETDEVTXOK without freeing skb in case of pskbexpandhead fails, add devkfreeskb to fix it. Compile tested only...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7, visionOS 26, iOS 18.7 and iPadOS 18.7. A UDP server socket bound to a local interface may become bound to all interfaces...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a local interface may become bound to all...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all...

DEBIAN-CVE-2023-53204

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under spinlockunixgclock, but toomanyunixfds reads it locklessly. Let's annotate the write/read accesses to user-unixinflight. BUG: KCSAN: data-race in...

CVE-2022-50321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmfnetdevstartxmit The brcmfnetdevstartxmit returns NETDEVTXOK without freeing skb in case of pskbexpandhead fails, add devkfreeskb to fix it. Compile tested only...

DEBIAN-CVE-2022-50321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmfnetdevstartxmit The brcmfnetdevstartxmit returns NETDEVTXOK without freeing skb in case of pskbexpandhead fails, add devkfreeskb to fix it. Compile tested only...

CVE-2022-50291 kcm: annotate data-races around kcm->rx_psock

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. We do the same for kcm-rxwait in the following patch. syzbot reported: BUG: KCSAN: data-race in...

CVE-2023-53204

CVE-2023-53204 affects the Linux kernel af_unix subsystem. The root cause is a data race on the unix_inflight field: user->unix_inflight is modified under spin_lock(unix_gc_lock), while too_many_unix_fds() reads it locklessly, enabling a race between unix_attach_fds and the unix_inflight acces...

CVE-2023-53199

CVE-2023-53199 – Linux kernel, wifi: ath9k: hif_usb memory leak in rx stream . Syzkaller reported that when processing skbs in ath9k_hif_usb_rx_stream(), allocated skbs in skb_pool could be leaked if the function fails (e.g., due to an incorrect pkt_len or pkt_tag causing an input skb to be inval...