Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Net: tun: Update napi-skb after the XDP process. The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach Syzbot reported a use-after-free in tundetach. This causes a call trace like the following: ================================================================== BUG: KASAN: use-after-free i...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tun: Avoid double-free in tunfreenetdev Avoid double-free in tunfreenetdev by moving the dev-tstats and tun-security allocations to a new ndoinit routine tunnetinit, which will be called by registernetdevice. ndoinit is paired wi...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: tun: limits the printing rate when an illegal packet is received by the tun device. vhostworker calls tun callbacks to receive packets. If too many illegal packets arrive, tundoread continues to dump the packet contents. When...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: A test for maclen should be performed before reading the MAC header. The LLC layer reads the MAC header using ethhdr, without verifying that the skb contains an Ethernet header. The Syzbot exploit was able to execute the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Networks: The tun device may destroy the NAPIs associated with it during destruction. Syzbot identified a race condition between the tun file and the destruction of the device. NAPIs are stored in the structtunfile structure, and...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: core: The unnecessary framesz check in bpfxdpadjusttail has been removed. Syzkaller reported the following issue: ======================================= “Too big” – xdp-framesz = 131072 WARNING: CPU: 0, PID: 5020 at...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tun: Missing verification for short frames was added. The referenced commit failed to check the validity of the frame length in the tunxdpone path, which could result in a corrupted skb being sent down the stack. Even before the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: net: tun: Fixed memory leaks in napigetfrags. kmemleak reports after running testprogs: Unreferenced object 0xffff8881b1672dc0 size 232: Command “testprogs”, PID 394388, time 4354712116 duration: 841.975 seconds Hex dump first...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A flaw was discovered in the Linux kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While this will usually be correct, since tuntap devices require CAPNETADMIN, it may not always be the case. For example, a non-root user...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrcvfilter Analogue to commit 8aa59e355949 "can: afcan: fix NULL pointer dereference in canrxregister" we need to check for a missing initialization of mlpriv in the receive path of C...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: fix a memleak when uncloning an skb dst and its metadata When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in the skb. This is helpful to have a non-shared...

Astra Linux - уязвимость в linux-5.10

A double-free flaw was discovered in the Linux kernel’s TUN/TAP device driver functionality, particularly in how a user registers the device when the registernetdevice function fails with the NETDEVREGISTER notifier. This flaw allows a local user to crash the system or potentially escalate their...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013071)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013071 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhostworker will call tun call...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007276 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhostworker will call tun call...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006774)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006774 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhostworker will call tun call...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006571)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006571 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: Fix memory leak for detached NAPI queue. syzkaller reported 0 memory leaks of sk and skb...

SUSE CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

DEBIAN-CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...