Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: core: The unnecessary framesz check in bpfxdpadjusttail has been removed. Syzkaller reported the following issue: ======================================= “Too big” – xdp-framesz = 131072 WARNING: CPU: 0, PID: 5020, at...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004438)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004438 advisory. In tungetuser of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privilege...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001369)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001369 advisory. In tungetuser of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privilege...

CVE-2023-54155

The CVE relates to the Linux kernel net/xdp path. Root cause: a previous check enforcing xdp.frame_sz > PAGE_SIZE was removed in the context of allowing bpf_xdp_adjust_tail() to grow packet size, after xdp_init_buff() was introduced. This can allow excessive frame sizes (e.g., xdp->frame_sz...

kernel: net: tun: Update napi->skb after XDP process

A use-after-free flaw was found in tungetuser in drivers/net/tun.c in network TUNnel module in Linux kernel. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

PT-2025-42259

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a use-after-free issue identified through syzbot reporting. The issue occurs after commit e6d5dbdd20aa, which added multi-buff support for XDP running in gener...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986785)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986785 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napigetfrags kmemleak reports after running testprogs: unreference...

PT-2025-18588 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to memory leaks in the Linux kernel, specifically in the napi get frags function. The problem occurs when tun get user is called, leading to memory leaks in tun na...

SUSE CVE-2021-0342

In tungetuser of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Android ID: A-146554327...

DEBIAN-CVE-2021-0342

In tungetuser of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Android ID: A-146554327...