22 matches found
CVE-2026-43091
In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...
CVE-2026-43091
The CVE-2026-43091 vulnerability affects the Linux kernel xfrm policy handling during netns exit. The root cause is that xfrm_policy_fini() frees the policy_bydst hash tables after flushing work items and deleting policies, but does not wait for concurrent RCU readers to exit read-side critical s...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ila: Call nfunregisternethooks earlier. A use-after-free condition was detected in ilanfinput 1. The issue arises from ilaxlatexitnet freeing the rhashtable, followed by the call to nfunregisternethooks. This should be done in...
CVE-2026-43050 atm: lec: fix use-after-free in sock_def_readable()
In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...
CVE-2026-31541
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix tracemarker copy link list updates When the "copytracemarker" option is enabled for an instance, anything written into /sys/kernel/tracing/tracemarker is also copied into that instances buffer. When the option is set...
CVE-2026-23392
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...
CVE-2026-23392
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...
EUVD-2026-9401
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix use-after-free in nftablesaddchain nftablesaddchain publishes the chain to table-chains via listaddtailrcu in nftchainadd before registering hooks. If nftablesregisterhook then fails, the error path calls...
DEBIAN-CVE-2026-23231
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix use-after-free in nftablesaddchain nftablesaddchain publishes the chain to table-chains via listaddtailrcu in nftchainadd before registering hooks. If nftablesregisterhook then fails, the error path calls...
CVE-2026-23231
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix use-after-free in nftablesaddchain nftablesaddchain publishes the chain to table-chains via listaddtailrcu in nftchainadd before registering hooks. If nftablesregisterhook then fails, the error path calls...
CVE-2026-23231 netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix use-after-free in nftablesaddchain nftablesaddchain publishes the chain to table-chains via listaddtailrcu in nftchainadd before registering hooks. If nftablesregisterhook then fails, the error path calls...
PT-2026-22911
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the nf tables module, specifically in the nf tables addchain function. This function publishes a chain before registering hooks, a...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56655)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56655 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not defer rule...
PT-2026-27757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a flowtable is not properly released after an error, potentially leading to a use-after-free condition. This can occur when unregistering hooks...
EUVD-2025-25580
Malicious code in bioql PyPI...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: padata: fixed UAF in padatareorder A bug was found when running the ltp test: BUG: KASAN: slab-use-after-free in padatafindnext+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU: 0 PID: 3039206...
SUSE CVE-2025-21938
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcppmnlappendnewlocaladdr If multiple connection requests attempt to create an implicit mptcp endpoint in parallel, more than one caller may end up in mptcppmnlappendnewlocaladdr because...
UBUNTU-CVE-2025-21727
In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padatareorder A bug was found when run ltp test: BUG: KASAN: slab-use-after-free in padatafindnext+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU: 0 PID: 3039206 Comm:...
DEBIAN-CVE-2024-56655
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not defer rule destruction via callrcu nftableschaindestroy can sleep, it can't be used from callrcu callbacks. Moreover, nftablesrulerelease is only safe for error unwinding, while transaction mutex is he...
CVE-2024-56655
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not defer rule destruction via callrcu nftableschaindestroy can sleep, it can't be used from callrcu callbacks. Moreover, nftablesrulerelease is only safe for error unwinding, while transaction mutex is he...