CVE-2026-45905

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: fixed the refcount leak in xfrmmigratepolicyfind Syzkaller reported a memory leak in xfrmpolicyalloc: BUG: Memory leak Unreferenced object 0xffff888114d79000 size 1024: comm “syz.1.17”, pid 931 … xfrmpolicyalloc+0xb3/0x4b0...

CVE-2026-31406

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini After canceldelayedworksync is called from xfrmnatkeepalivenetfini, xfrmstatefini flushes remaining states via xfrmstatedelete, which calls...

CVE-2025-39965 xfrm: xfrm_alloc_spi shouldn't use 0 as SPI

In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrmallocspi shouldn't use 0 as SPI x-id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 "xfrm: Duplicate SPI Handling", we now create states and add them to the byspi list with this value. xfrmstatedelete...

kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. An error while resolving policies in xfrmbundlelookup causes the refcount to drop twice, leading to a possible crash and a denial of service...

The vulnerability of the xfrm_expand_policies function (net/xfrm/xfrm_policy.c) in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the xfrmexpandpolicies function net/xfrm/xfrmpolicy.c in the Linux operating system is related to errors during resource release. Exploiting this vulnerability allows a remote attacker to cause service interruptions...