33 matches found
CVE-2026-31515
In the Linux kernel, the following vulnerability has been resolved: afkey: validate families in pfkeysendmigrate syzbot was able to trigger a crash in skbput 1 Issue is that pfkeysendmigrate does not check old/new families, and that setipsecrequest @family argument was truncated, thus possibly...
UBUNTU-CVE-2026-23011
In the Linux kernel, the following vulnerability has been resolved: ipv4: ipgre: make ipgreheader robust Analog to commit db5b4e39c4e6 "ip6gre: make ip6greheader robust" Over the years, syzbot found many ways to crash the kernel in ipgreheader 1. This involves team or bonding drivers ability to...
SUSE CVE-2025-71098
In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...
CVE-2022-50697
In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...
SUSE CVE-2023-54051
In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1 Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel....
EUVD-2023-60275
In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1 Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel....
CVE-2022-50697
CVE-2022-50697 affects the Linux kernel and relates to a race in timer cancellation that could lead to a use-after-free (UAF). The issue stems from a lack of synchronization when del_timer_sync is involved, with a syzbot crash trace showing a KASAN use-after-free in hlist_add_head and enqueue_tim...
PT-2025-52927
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5-syzkaller-00008-ge01d50cbd6ee Description The Linux kernel contains a use-after-free issue within the mrp Multiple Registration Protocol component. Specifically, a synchronization problem exists in the...
SUSE CVE-2025-68335
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818aicancel Syzbot identified an issue 1 in pcl818aicancel, which stems from the fact that in case of early device detach via pcl818detach, subdevice dev-readsubdev may not have initialize...
Linux Distros Unpatched Vulnerability : CVE-2025-40357
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address...
CVE-2025-40357
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
LSN-0116-1: Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple times on same ring, if system is under stress and got memory allocation...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-386036)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386036 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctpsfootb A size validation fix similar to that in Commit...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986514)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986514 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drmgetunique There is a time-of-check-to-time-of-use error in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-449274)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-449274 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT if the newly created subvolume already got read BUG There is a syzbot crash,...
EUVD-2022-55216
Malicious code in bioql PyPI...
PT-2025-33790 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.0-syzkaller-10892-g4e82c87058f4 Description: A flaw exists in the Bluetooth stack within the Linux kernel related to the handling of device coredumps. Specifically, the hci devcd dump function can experience an...
Linux Distros Unpatched Vulnerability : CVE-2022-49947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: binder: fix alloc-vmavmmm null-ptr dereference Syzbot reported a couple issues introduced by...
DEBIAN-CVE-2022-49947
In the Linux kernel, the following vulnerability has been resolved: binder: fix alloc-vmavmmm null-ptr dereference Syzbot reported a couple issues introduced by commit 44e602b4e52f "binderalloc: add missing mmaplock calls when using the VMA", in which we attempt to acquire the mmaplock when...
UBUNTU-CVE-2025-38048
In the Linux kernel, the following vulnerability has been resolved: virtioring: Fix data race by tagging eventtriggered as racy for KCSAN syzbot reports a data-race when accessing the eventtriggered, here is the simplified stack when the issue occurred:...