GHSA-XGX4-4H9W-53PV AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle

Summary This report covers the client-triggered DoQ forwarding path in: - dnsproxy v0.81.2 adguard/dnsproxy:v0.81.2 - AdGuard Home v0.107.74 adguard/adguardhome:latest, image version label v0.107.74 The issue was reproduced on 2026-04-25 with the products configured through their documented DoQ...

AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle

This report covers the client-triggered DoQ forwarding path in: - dnsproxy v0.81.2 adguard/dnsproxy:v0.81.2 - AdGuard Home v0.107.74 adguard/adguardhome:latest, image version label v0.107.74 The issue was reproduced on 2026-04-25 with the products configured through their documented DoQ listener...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006583 advisory. In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif whi...

SUSE CVE-2026-23048

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

UBUNTU-CVE-2026-23048

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

CVE-2026-23048

The CVE-2026-23048 entry describes a Linux kernel UDP path issue: the standard UDP receive path did not use skb->destructor, while the skmsg layer did via skb_set_owner_sk_safe() in udp_read_skb(), leading to a DEBUG_NET_WARN_ON_ONCE(skb->destructor) in skb_attempt_defer_free(). The documen...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986906)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986906 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6fragment Blamed commit claimed rcureadlock was held by ip6fragme...

DEBIAN-CVE-2022-48956

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6fragment Blamed commit claimed rcureadlock was held by ip6fragment callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6dstidev...