20 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: inet: Sk-skrxdst was converted to RCU rules. The syzbot reported various issues related to early demux processing. One of these issues is included in this changelog 1. Sk-skrxdst uses RCU protection without proper documentatio...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nbd: Always initialize struct msghdr completely. syzbot reports that the value of msg-msggetinq may be uninitialized 1. The struct msghdr has many new fields recently. We should always ensure that their values are zero by...
CVE-2026-5590
CVE-2026-5590 describes a race condition during TCP connection teardown where tcp_recv() may operate on a released connection. If tcp_conn_search() returns NULL while processing a SYN, a NULL pointer from stale context data is passed to tcp_backlog_is_full() and dereferenced without validation, c...
CVE-2026-5590
A race condition during TCP connection teardown can cause tcprecv to operate on a connection that has already been released. If tcpconnsearch returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcpbacklogisfull and dereferenced without validatio...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004215)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004215 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003836)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003836 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001141)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001141 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the TCP layer, the secpath process is dropped simultaneously with the current dst process. Xiumei reported encountering a warning in xfrm6tunnelnetexit while running tests that involve creating a pair of netns, running a basic...
SUSE CVE-2025-21864
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...
AZL-58524 CVE-2025-21864 affecting package kernel for versions less than 6.6.82.1-1
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...
CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...
Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12261)
The impact of this vulnerability is a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible t...
Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12260)
This vulnerability could lead to a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible to...
DEBIAN-CVE-2024-26638
In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...
SUSE CVE-2021-47103
In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...
CVE-2021-47103
In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...
Mageia: Security Advisory (MGASA-2022-0045)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2022-0045 Updated connman packages fix security vulnerability
TCP Receive Path does not Check for Presence of Sufficient Header Data. CVE-2022-23096 Possibly invalid memory reference in 'strnlen' call in 'forwarddnsreply'. CVE-2022-23097 TCP Receive Path Triggers 100 % CPU loop if DNS server does not Send Back Data. CVE-2022-23098...
USN-1529-1: Linux kernel vulnerabilities
A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...
USN-1514-1: Linux kernel (OMAP4) vulnerabilities
A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...