CVE-2025-39964

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

CVE-2025-39964

CVE-2025-39964 affects the Linux kernel crypto: af_alg where two concurrent writes to the same af_alg socket could interleave data and corrupt internal socket state. The fix adds a dedicated exclusive ownership indicator (ctx->write) to prevent concurrent writes and ensure serialized access. I...

CVE-2025-39964 crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

[SECURITY] Fedora 41 Update: podman-tui-1.9.0-1.fc41

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

[SECURITY] Fedora 42 Update: podman-tui-1.9.0-1.fc42

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

kernel: skbuff: Fix a race between coalescing and releasing SKBs

In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from afalgsendmsg allowing concurrent writes, which could result in inconsistent internal socket state...

RHEL 9 : kernel (RHSA-2025:17734)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17734 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netsched: hfsc: Fix a potenti...

bluetooth/l2cap: sync sock recv cb and release

...

[SECURITY] Fedora 42 Update: python-socketio-5.14.1-1.fc42

Socket.IO is a transport protocol that enables real-time bidirectional event-based communication between clients typically, though not always, web browsers and a server. The official implementations of the client and server components are written in JavaScript. This package provides Python...

Fedora 42 : python-socketio (2025-96c38634c7)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-96c38634c7 advisory. Release 5.14.1 - 2025-10-02 - Restore support for rediss:// URLs, and add support for valkeys:// as well - Add support for Redis connections using unix socke...

EulerOS 2.0 SP11 : cloud-init (EulerOS-SA-2025-2221)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,cloud-init defau...

SUSE-SU-2025:03539-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072. -...

JLSEC-2025-18 An issue was discovered in dbus >= 1.3.0 before 1.12.18

An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AFUNIX socket...

Docker Desktop 4.46.0 < 4.47.0 Container Escape

The version of Docker Desktop is prior to 4.47.0. It is therefore affected by a container escape vulnerability. In a hardened Docker environment, with Enhanced Container Isolation ECI https://docs.docker.com/enterprise/security/ hardened-desktop/enhanced-container-isolation/ enabled, an...

EUVD-2025-33328

In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot reused the server-side TCP Fast Open socket as a new client before the...

PT-2025-46653

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the idpf driver related to the handling of SKBs Socket Buffer in PTP Precision Time Protocol flows. Specifically, the issue arises when an SKB is...

SUSE CVE-2023-53660

In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptrring The following warning was reported when running xdpredirectcpu with both skb-mode and stress-mode enabled: ------------ cut here ------------ Incorrect XDP memory type...

SUSE-SU-2025:03498-1 Security update for the Linux Kernel (Live Patch 68 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122258 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...