40 matches found
CVE-2026-43050
In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...
UBUNTU-CVE-2026-23392
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...
Linux Distros Unpatched Vulnerability : CVE-2026-23392
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-417046)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-417046 advisory. In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue...
EUVD-2024-53303
Malicious code in bioql PyPI...
SUSE CVE-2025-21727
In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padatareorder A bug was found when run ltp test: BUG: KASAN: slab-use-after-free in padatafindnext+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU: 0 PID: 3039206 Comm:...
SUSE CVE-2024-56655
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not defer rule destruction via callrcu nftableschaindestroy can sleep, it can't be used from callrcu callbacks. Moreover, nftablesrulerelease is only safe for error unwinding, while transaction mutex is he...
AZL-55300 CVE-2024-56655 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not defer rule destruction via callrcu nftableschaindestroy can sleep, it can't be used from callrcu callbacks. Moreover, nftablesrulerelease is only safe for error unwinding, while transaction mutex is he...
CVE-2024-56655
Summary of CVE-2024-56655 (Linux kernel nf_tables) : The vulnerability arises from deferring rule destruction in nf_tables via call_rcu, where nf_tables_chain_destroy can sleep and is not safe to run from call_rcu callbacks. nf_tables_rule_release() is only safe for error unwinding while a transa...
CVE-2024-56655 netfilter: nf_tables: do not defer rule destruction via call_rcu
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not defer rule destruction via callrcu nftableschaindestroy can sleep, it can't be used from callrcu callbacks. Moreover, nftablesrulerelease is only safe for error unwinding, while transaction mutex is he...
SUSE CVE-2024-46782
In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...
CVE-2024-46782
A use-after-free read flaw was found in the Linux kernel's IPv6 Identifier Locator Addressing ILA functionality. This issue occurs when a user unloads the ila module and could allow a local user to crash the system or escalate their privileges on the system. Mitigation To mitigate this issue,...
CVE-2024-46782
In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...
DEBIAN-CVE-2024-46782
In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...
CVE-2024-46782 ila: call nf_unregister_net_hooks() sooner
In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...
CVE-2024-46782 ila: call nf_unregister_net_hooks() sooner
In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...
CVE-2024-46782 ila: call nf_unregister_net_hooks() sooner
In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...
CVE-2024-44952
In the Linux kernel, the following vulnerability has been resolved: driver core: Fix ueventshow vs driver detach race ueventshow wants to de-reference dev-driver-name. There is no clean way for a device attribute to de-reference dev-driver unless that attribute is defined via struct...
CVE-2024-44952
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-44952
Removed by vendor...