Linux Distros Unpatched Vulnerability : CVE-2026-46168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: fix scheduling with atomic in timestamp sockopt Using locksockfast atomic context around socksettimestamp and socksettimestamping is unsafe, as both...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fixed the issue of receiving the timestamp in the frame for lan8841. The related commit began using the ptp workqueue to obtain the second part of the timestamp. When the port is disabled, this workqueue is stopped...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Ensure that ptprate is not 0 before configuring timestamping The stmmac platform drivers that do not open-code the clkptprate value after retrieving the default value from the device-tree may end up setting clkptprat...

CVE-2026-43173

CVE-2026-43173 is a Linux kernel vulnerability in the net: ethernet: xscale driver where ixp46x_ptp_find() is invoked unconditionally from ixp4xx_get_ts_info(), even on systems without ixp46x support. This NULL pointer dereference can lead to a kernel crash/DoS when reading PTP-related info via e...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and remain there until they are consumed. If userspace never gets to read the...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the frame, so there is ...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013216)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013216 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, wi...

CVE-2026-39856

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...

CVE-2026-39855

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...

GHSA-3XXC-PWJ6-JGRJ rfc3161-client Has Improper Certificate Validation

Summary An Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS7 bag of certificates, an attacker ca...

rfc3161-client 安全漏洞

rfc3161-client is a software developed by Trail of Bits. Versions prior to rfc3161-client 1.0.6 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypasses in signature verification, which could allow attackers to impersonate trusted timestamping institutions...

CVE-2026-23445

A flaw was found in the Linux kernel's igc network driver. When an XDP eXpress Data Path application that requests transmit TX timestamping is shut down while the network interface link remains active, the driver fails to properly clear stale xskmeta pointers. This improper cleanup can lead to a...

EUVD-2026-18690

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

UBUNTU-CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

PT-2026-30140

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

SUSE CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

CVE-2026-23299

A flaw was found in the Linux kernel's Bluetooth subsystem. When transmit TX timestamping is enabled, socket kernel buffers SKBs can accumulate in an error queue. If user applications fail to read these timestamps or if the Bluetooth controller is unexpectedly removed, these SKBs are not properly...

EUVD-2026-15234

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...