Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint, the netlink PM traverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status as a bitmask carrying the received sub-options, with additional information carried in several bitfields for each suboption. Zeroing the bitma...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: “fou”: removed the warning in guegroreceive for unsupported protocols. Remove the WARNONONCE flag in guegroreceive if the encapsulated type is unknown or does not have a GRO handler. Such packets can be easily constructed. The...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986975)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986975 advisory. In the Linux kernel, the following vulnerability has been resolved: schcake: do not call cakedestroy from cakeinit qdiscs are not supposed to call their own destroy...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-360474)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-360474 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987312 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: serialize hash resizes and cleanups Syzbot was able to trigger the followin...

EUVD-2025-5248

Malicious code in bioql PyPI...

DEBIAN-CVE-2022-49318

In the Linux kernel, the following vulnerability has been resolved: f2fs: remove WARNON in f2fsisvalidblkaddr Syzbot triggers two WARNs in f2fsisvalidblkaddr and isbitmapvalid. For example, in f2fsisvalidblkaddr, if type is DATAGENERICENHANCE or DATAGENERICENHANCEREAD, it invokes WARNON if blkadd...

AZL-48261 CVE-2024-42114 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211ATTRTXQQUANTUM values syzbot is able to trigger softlockups, setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq, fixed with commit d9e15a273306 "pktsched: fq: do not accept sill...

PT-2024-31331

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the btrfs file system in the Linux kernel. When freeing a tree block, the function btrfs free tree block does not handle errors properly, leading to a BUG ON...

CVE-2024-36902 ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. 1 Oops: general...

CVE-2021-47370

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info-sizegoal - skb-len 0 evaluates to true when the size goal is smaller than the skb size. That results in lack of tx cache...

CVE-2021-47370 mptcp: ensure tx skbs always have the MPTCP ext

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info-sizegoal - skb-len 0 evaluates to true when the size goal is smaller than the skb size. That results in lack of tx cache...