Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: The function tcpbpfsendverdict fails to allocate psock-cork when called. syzbot reported the following issue. 0 The reproduction of the issue involves the following steps: 1. Load a skmsg program that calls...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: seg6: Fixed the iif in the IPv6 socket control block. When an IPv4 packet is received, the iprcvcore... function sets the receiving interface index into the IPv4 socket control block v5.16-rc4, net/ipv4/ipinput.c, line 510: c...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Added a check on the len parameter to prevent empty skb objects. This prevents a division error in the netemenqueue function, which occurs when skb-len=0 and skb-datalen=0 during the randomized corruption...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: “aoe”: fixed the potential use-after-free issue in multiple locations. Regarding the fix for CVE-2023-6270, f98364e92662 “aoe: fixed the potential use-after-free issue in aoecmdcfgpkts” modifies the behavior so that the tx...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: The initialization of the dangling pointer that occurs in vsk-trans has been addressed. During loopback communication, a dangling pointer can be created in vsk-trans, which may lead to a Use-After-Free condition. Th...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: A use-after-free issue was addressed in emacmactxbufsend. In emacmactxbufsend, it calls emactxfilltpd.., skb,... If an error occurs in emactxfilltpd, the skb will be freed via devkfreeskbskb in the error branch...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the BPF code, ensure that skb-len != 0 when redirecting a packet to a tunneling device. The syzkaller function managed to trigger another case where skb-len == 0 when entering devqueuexmit. WARNING: CPU: 0, PID: 2470; Location...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition related to the refcnt of skb after locking operations. There is a race condition where the skb from the skpsockbacklog can be referenced after the user-space side has already consumed the...

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service

A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...

Exploit for CVE-2026-46333

ptracemaydream CVE-2026-46333 Local privilege escalation e...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021569)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021569 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated s...

haveged 安全漏洞

Haveged is a random number generation tool developed by Jirka-H. Haveged has a security vulnerability; this vulnerability stems from the sockethandler function not stopping its execution when it detects that the connection user is not a root user. This allows any local non-privileged user to...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021642 advisory. In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021647 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021540 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix acceptqueue memory leak As the final stages of socket destruction may be delaye...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021636)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021636 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: fix sk refcount leaks We must put 'sk' reference before returning. Tenable...

PT-2026-42117

Name of the Vulnerable Software and Affected Versions haveged affected versions not specified Description A privilege escalation issue exists via the command socket. The software verifies the connecting peer's user ID using SO PEERCRED and sends a NAK response to non-root callers. However,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021571 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated...

EUVD-2026-29951

Bandit: Unauthenticated DoS via chunked request trailers in Bandit HTTP/1 decoder...