Azure Linux 3.0 Security Update: kernel (CVE-2025-38112)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38112 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in skisreadable...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38165)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38165 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993210)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993210 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993082)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993082 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix the sk-skforwardalloc warning of skstreamkillqueues When running testsockmap...

SUSE CVE-2025-68227

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

EUVD-2025-203669

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

CVE-2025-68227

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

AZL-72503 CVE-2025-68227 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

UBUNTU-CVE-2025-68227

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

CVE-2025-68227

CVE-2025-68227 relates to the Linux kernel MPTCP path where sockmap/BPF can override sk_prot, causing improper protocol handling when a non-MPTCP TCP SYN is accepted. The fix makes comparison use sk_family (not sk_prot) to determine the protocol, preventing misclassification of sockets when sockm...

CVE-2025-68227 mptcp: Fix proto fallback detection with BPF

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

SUSE CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

EUVD-2023-60160

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

DEBIAN-CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

UBUNTU-CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

CVE-2023-53836 bpf, sockmap: Fix skb refcnt race after locking changes

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

CVE-2023-53836

Summary of CVE-2023-53836 (Linux kernel): A race exists in the sockmap path (bpf/sockmap) where skb objects in the sk_psock_backlog can be referenced after userspace drains the skb, leading to a use-after-free when skb_dequeue() occurs after the skb has been freed. The published fixes add skb_get...

CVE-2023-53836 bpf, sockmap: Fix skb refcnt race after locking changes

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...