xfrm: delete x->tunnel as we delete x

...

UBUNTU-CVE-2025-40256

In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added In commit b441cf3f8c4b "xfrm: delete x-tunnel as we delete x", I missed the case where state creation fails between full initialization...

CVE-2025-40256 xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added

In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added In commit b441cf3f8c4b "xfrm: delete x-tunnel as we delete x", I missed the case where state creation fails between full initialization...

EUVD-2025-201201

In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added In commit b441cf3f8c4b "xfrm: delete x-tunnel as we delete x", I missed the case where state creation fails between full initialization...

UBUNTU-CVE-2025-40215

In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x-tunnel as we delete x The ipcomp fallback tunnels currently get deleted from the various lists and hashtables as the last user state that needed that fallback is destroyed not deleted. If a reference to that user...

SUSE-SU-2025:21109-1 Security update for kernel-livepatch-MICRO-6-0_Update_6

This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data...

SUSE-SU-2025:21098-1 Security update for kernel-livepatch-MICRO-6-0_Update_9

This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...

SUSE-SU-2025:4262-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.33 fixes various security issues The following security issues were fixed: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd...

SUSE-SU-2025:4261-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.30 fixes various security issues The following security issues were fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...

SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2025:4200-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4200-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.34 fixes various security issues The following security issues were fixed: -...

EUVD-2025-198721

Malicious code in @actbase/css-to-react-native-transform npm...

EUVD-2025-178096

Malicious code in lightyear-ichnology-transform-phoebe npm...

EUVD-2025-175905

Malicious code in transform-version-sequelize-native npm...

Malicious code in postgres-promise-transform-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea347cd20aedc5d8182d0495c956fa7c35ab0496a8d61ed58da90135a7463ebf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbriel-transform-corvus-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba0535ab8475a2cfe19c1ada68feab5732883367dc7554d2a673d0616d955ddf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189964 Malicious code in transform-ethology-weywot-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6827172d705088dbbceab6e5d571e982778c40522594d4b1769be2151dd4821 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188730 Malicious code in planckscale-lynx-global-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d3a6f504f1e5767dfec6a0695658c17cb181816e481c901e238aa4397ec5924 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176767

Malicious code in redis-corvus-transform-dependencies npm...

EUVD-2025-176024

Malicious code in tectonophysics-transform-crust-sagitta npm...

EUVD-2025-175909

Malicious code in transform-galaxy-writable-slides npm...