11 matches found
CVE-2026-46116
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete. KASAN reproduces a slab-use-after-free in __xfrm_state_delete's hlist_del_rcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...
CVE-2026-46116
CVE-2026-46116 affects the Linux kernel xfrm subsystem (xfrm_state). The root cause is a local-use-after-free in __xfrm_state_delete due to unsafe deletions from byseq/byspi hash chains. The patch changes deletions to hlist_del_init_rcu and uses hlist_unhashed() checks, preventing writes after LI...
PT-2026-44239
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.47. Description: A slab-use-after-free and out-of-bounds write issue exists in the Linux kernel's xfrm module. The problem occurs within the xfrm state delete function, where unhashing of byseq and byspi lists...
CVE-2025-40256
No description is available for this CVE...
CVE-2025-40256
CVE-2025-40256 is a Linux kernel vulnerability in xfrm where xfrm_state_delete_tunnel was not called for states created but not inserted, causing a FB tunnel leak. The issue arises when full init_state runs but insertion fails before user state is linked, leaving a fallback tunnel on lists. Affec...
CVE-2025-40256 xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added
In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added. In commit b441cf3f8c4b "xfrm: delete x->tunnel as we delete x", I missed the case where state creation fails between full initialization...
CVE-2018-16298
An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request...
The vulnerability of the __xfrm_state_delete() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the __xfrm_state_delete() function in the Linux operating system is related to operations involving resources after their expiration or release. Exploiting this vulnerability can allow an attacker to cause a service failure...
net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice
...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue in the net/mlx5e subsystem where repeated calls to the __xfrm_state_delete() function cause a crash...
CVE-2018-16298
MiniCMS 1.10 is affected by a cross-site scripting (XSS) vulnerability in the admin endpoint mc-admin/post.php?tag= where requests with state=delete, state=draft, or state=publish can inject script or HTML. The flaw is triggered via the tag parameter and is present in the public CVE entries acros...