CVE-2022-50271 vhost/vsock: Use kvmalloc/kvfree for larger packets.

In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure:...

CVE-2022-50265 kcm: annotate data-races around kcm->rx_wait

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxwait kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. syzbot reported: BUG: KCSAN: data-race in kcmrcvstrparser / kcmrfree write to 0xffff88810784e3d0...

DEBIAN-CVE-2022-50259

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...

CVE-2022-50253

In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb-len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb-len == 0 when we enter devqueuexmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbuff.h:2576 skbassertlen...

CVE-2022-50259

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...

DEBIAN-CVE-2022-50248

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware crashes. One of the KASAN dumps pointed at the tx path, and it appears there is indeed a way to...

CVE-2023-53186 skbuff: Fix a race between coalescing and releasing SKBs

In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...

CVE-2023-53186 skbuff: Fix a race between coalescing and releasing SKBs

In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...

CVE-2022-50259 bpf, sockmap: fix race in sock_map_free()

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...

CVE-2022-50259 bpf, sockmap: fix race in sock_map_free()

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...

CVE-2022-50259

CVE-2022-50259 : In the Linux kernel, a race in sock_map_free() can cause use-after-free because sock_map_free() calls release_sock(sk) without owning a socket reference. This vulnerability affects BPF sockmap handling and is illustrated by the kernel call chain leading to release_sock and sock_m...

CVE-2022-50248

CVE-2022-50248 is a Linux kernel vulnerability affecting the iwlwifi/iwl mvm TX path where a double-free of skb can occur. The issue arises when iwl_mvm_tx_skb_sta returns non-zero and the skb is freed, but a TSO skb buffer may also be freed in an error path; the fix is to return 0 in that error ...

kernel: net: usb: smsc75xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...

PT-2025-37641

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a memory leak in the ath9k hif usb rx stream function within the ath9k USB Host Interface HIF driver. Syzkaller detected that when processing skbs socket...

PT-2025-37502

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a vulnerability in the iwlwifi MVM subsystem that can lead to a double free on the transmit path. This issue can cause kernel crashes, lockups, and KASAN...

PT-2025-37550

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists between coalescing and releasing SKBs Socket Buffer in the Linux kernel. A commit intended to fix coalescing for page pool fragment recycling inadvertently...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the release of cloned SKBs not being handled correctly during the SKB merge process, which could lead to double...

PT-2025-37513

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists in the sock map free function within the kernel's bpf and sockmap implementation. Specifically, sock map free calls release socksk without holding a reference t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of ath9khifusbrxstream to clean up skbs in skbpool when it fails, which could lead to a memory...

PT-2025-37850

Name of the Vulnerable Software and Affected Versions: macOS Tahoe version 26 macOS Sequoia versions 15.7 macOS Sonoma version 14.8 tvOS version 26 visionOS version 26 watchOS version 26 iOS versions prior to 18.7 iPadOS versions prior to 18.7 Description: A logic issue was addressed with improve...