133 matches found
K000161578: Linux kernel vulnerability CVE-2025-38085
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table...
SUSE CVE-2026-45998
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...
Linux Distros Unpatched Vulnerability : CVE-2026-45998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet du...
CVE-2026-45998
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...
EUVD-2026-32294
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...
CVE-2026-45998
CVE-2026-45998 (Linux kernel, rxrpc): A UAF risk occurs when skb_unshare() fails to unshare a packet in rxrpc_input_packet(); the skb pointer in the parent rxrpc_io_thread() can be NULL’d, likely causing trace_rxrpc_rx_done() to oops. The fix moves the unsharing to where rxrpc_input_call_event() ...
CVE-2026-45998 rxrpc: Fix potential UAF after skb_unshare() failure
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...
CVE-2026-45998
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...
UBUNTU-CVE-2026-45998
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...
CVE-2026-45998
rxrpc: Fix potential UAF after skbunshare failure...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of setting the skb pointer to null when rxrpc fails to unshare a skb, potentially leadi...
PT-2026-43865
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the rxrpc component. If the skb unshare function fails to unshare a packet due to an allocation failure within rxrpc input packet, the skb pointer in...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: - Fixed bitmap corruption when using CLOSERANGEUNSHARE with closerange. - The function copyfdbitmapsnew, old, count is expected to copy the first count/BITSPERLONG bits from old-fullfdsbits and fill the rest with zeros. It...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Fixed the issue where hugepmdunshare caused a race condition with GUP-fast. The hugepmdunshare function releases a reference to a page table that might have previously been shared across processes. This could...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: tipc: skblinearize the head skb when reassembling msgs It’s not a good idea to append the frag skb to a skb’s fraglist if the fraglist already contains skbs from elsewhere. For example, this frag skb was created by pskbcopy, wher...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: The unshare of page tables occurs during VMA splitting, not before. Currently, splitvma triggers the unshare of hugetlb page tables through vmops-maysplit. This happens before the VMA lock and rmap locks are taken –...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1959-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1959-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-5451...
SUSE CVE-2026-43472
In the Linux kernel, the following vulnerability has been resolved: unshare: fix unsharefs handling There's an unpleasant corner case in unshare2, when we have a CLONENEWNS in flags and current-fs hadn't been shared at all; in that case copymntns gets passed current-fs instead of a private copy,...
CVE-2026-43500
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...
CVE-2026-43500
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...