kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: inetdiag: fixed a kernel-infoleak issue for UDP sockets KMSAN reported a kernel-infoleak issue 1 that could be exploited by unprivileged users. After analysis, it turned out that UDP was not initializing r-idiagexpires. Other...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006965)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006965 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk =...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000725 advisory. Race condition in the ip4datagramreleasecb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989754 advisory. In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can...

SUSE CVE-2025-40080

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 "nbd: verify socket is supported during setup" made sure the socket supported a shutdown method. Explicitel...

FreeBSD -- SO_REUSEPORT_LB breaks connect(2) for UDP sockets

Problem Description: Connected sockets are not intended to belong to load-balancing groups. However, the kernel failed to check the connection state of sockets when adding them to load-balancing groups. Furthermore, when looking up the destination socket for an incoming packet, the kernel will...

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.1, released 2025-09-03 bsc1244485. Security issues fixed: CVE-2025-47910: net/http: CrossOriginProtection insecure bypass patterns not limited to exact matches bsc1249141. Other issues fixed: go74822 cmd/go: "get...

EUVD-2014-9719

Malware in sbrugna...

EUVD-2001-0324

Malware in sbrugna...

SUSE CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

UBUNTU-CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53585

CVE-2023-53585 : In the Linux kernel, a bug in bpf_sk_assign could leak a refcount when a newly created unhashed UDP socket is bound after being added to a sockmap. The issue arises because bpf_sk_assign may be invoked in an RCU-critical section before the sk’s final state (SOCK_RCU_FREE) is appl...

CVE-2023-53585 bpf: reject unhashed sockets in bpf_sk_assign

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

EUVD-2024-36321

Malicious code in bioql PyPI...

K000140987: Linux kernel vulnerability CVE-2024-36971

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, th...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-36971)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36971 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race...

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...

CVE-2021-47597

CVE-2021-47597 affects the Linux kernel inet_diag path handling UDP sockets. The root cause is that UDP paths did not initialize r->idiag_expires in inet_sk_diag_fill(), enabling kernel-infoleak reports observed by KMSAN. The provided connected advisories describe a chain of in-kernel data flo...