31 matches found
CVE-2026-53184
The CVE-2026-53184 issue affects the Linux kernel UDP sockmap path. On UDP receive, skb->dev is repurposed as dev_scratch; when a SK_SKB verdict program uses BPF socket-lookup helpers (bpf_sk_lookup_tcp/udp, bpf_skc_lookup_tcp), skb->dev may still hold the dev_scratch value, and dev_net(skb...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘sched/fair: Make sure to try to detach at least one movable task’” This change is reflected in commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. The patch b0defa7ae03ec changed the load balancing logic to ignore env.maxlo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs: dlm: fixed use-after-free in midcomms commit While working on processing dlm messages in the softirq context, I encountered the following KASAN use-after-free warnings: 151.760477...
SUSE CVE-2026-46137
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137
A flaw was found in the Linux kernel, specifically within the Multipath TCP MPTCP implementation. The mptcppmaddtimer helper, which is executed as a timer callback, does not properly hold the socket lock when operating in a softirq context. This oversight can lead to a potential data race, which...
CVE-2026-46137
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137 mptcp: pm: ADD_ADDR rtx: fix potential data-race
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
PT-2026-37393
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net: ioam6 component where an out-of-bounds access of the dev- tx array can occur when is input is true. This happens because skb get tx queue does not clamp the...
CVE-2026-23168
In the Linux kernel, the following vulnerability has been resolved: flexproportions: make fpropnewperiod hardirq safe Bernd has reported a lockdep splat from flexible proportions code that is essentially complaining about the following race: runtimersoftirq - we are in softirq context calltimerfn...
CVE-2026-23138
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
CVE-2026-23138
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
CVE-2026-23138 tracing: Add recursion protection in kernel stack trace recording
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37808)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37808 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993155)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993155 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq conte...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992292)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992292 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq conte...
PT-2025-53008
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where an invalid memory access can occur following fault injection in the update effective progs function. This issue arises when fault injection causes...
CVE-2025-40164 usbnet: Fix using smp_processor_id() in preemptible code warnings
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smpprocessorid in preemptible code warnings Syzbot reported the following warning: BUG: using smpprocessorid in preemptible 00000000 code: dhcpcd/2879 caller is usbnetskbreturn+0x74/0x490...
EUVD-2025-32786
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in midcomms commit While working on processing dlm message in softirq context I experienced the following KASAN use-after-free warning: 151.760477...
DEBIAN-CVE-2025-37808
In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq context through afalg, use spin locks instead of mutexes to protect the default null algorithm...