CVE-2022-50885 RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

PT-2025-54121

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5+ Description The Linux kernel contains a flaw in the RDMA/rxe module where a null pointer dereference can occur in the rxe qp do cleanup function when socket creation fails. This issue arises due to the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989332 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate btsockalloc...

SUSE SLED15: chrony / chrony-pool-empty / chrony-pool-openSUSE / etc (SUSE-SU-2025:3794-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3794-1 advisory. - Race condition during socket creation by chronyc allows privilege escalation from user chrony to root...

Security update for chrony

This update for chrony fixes the following issues: Race condition during socket creation by chronyc allows privilege escalation from user chrony to root bsc1246544. This update also ships chrony-pool-empty to SLE Micro 5.x jscSMO-587 Patch Instructions: To install this SUSE update use the SUSE...

SUSE-SU-2025:3794-1 Security update for chrony

This update for chrony fixes the following issues: - Race condition during socket creation by chronyc allows privilege escalation from user chrony to root bsc1246544. This update also ships chrony-pool-empty to SLE Micro 5.x jscSMO-587...

EUVD-2012-6503

Malware in sbrugna...

EUVD-2019-7526

Malware in sbrugna...

EUVD-2019-7525

Malware in sbrugna...

EUVD-2019-7524

Malware in sbrugna...

DEBIAN-CVE-2022-50071

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

UBUNTU-CVE-2022-50071

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

CVE-2022-50071 mptcp: move subflow cleanup in mptcp_destroy_common()

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

CVE-2022-50071

The CVE-2022-50071 issue affects the Linux kernel’s MPTCP implementation. The vulnerability arises when socket creation fails due to a CGROUP_INET_SOCK_CREATE eBPF program, causing leakage of subflows because cleanup was not invoked in that code path. The fix moves subflow cleanup into the mptcp_...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a resource leak caused by MPTCP's failure to clean up a subflow when a socket creation fails...

kernel: mptcp: init: protect sched with rcu_read_lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcureadlock Enabling CONFIGPROVERCULIST with its dependence CONFIGRCUEXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc...

kernel: net: explicitly clear the sk pointer, when pf->create fails

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...

DEBIAN-CVE-2025-21884

In the Linux kernel, the following vulnerability has been resolved: net: better track kernel sockets lifetime While kernel sockets are dismantled during pernetoperations-exit, their freeing can be delayed by any tx packets still held in qdisc or device queues, due to skbsetownerw prior calls. Thi...

The vulnerability of the __sock_create() function in the net/socket.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sockcreate function in the net/socket.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()

...