Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipvti: A potential issue related to slab-use-after-free has been fixed in decodesession6. When the ipvti device is set as a qdisc of the sfb type, the cb field of the sent skb may be modified during enqueueing. This can lead to a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013361 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc ...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010818)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010818 advisory. In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the...

kernel: ip6_vti: fix slab-use-after-free in decode_session6

A use-after-free vulnerability was found in the IPv6 VTI Virtual Tunnel Interface implementation in the Linux kernel. When an IPv6 VTI device uses the SFB Stochastic Fair Blue qdisc, the control block cb field of an skb can be modified during packet enqueuing. The decodesession6 function then rea...

kernel: ip6_vti: fix slab-use-after-free in decode_session6

A use-after-free vulnerability was found in the IPv6 VTI Virtual Tunnel Interface implementation in the Linux kernel. When an IPv6 VTI device uses the SFB Stochastic Fair Blue qdisc, the control block cb field of an skb can be modified during packet enqueuing. The decodesession6 function then rea...

kernel: ip6_vti: fix slab-use-after-free in decode_session6

A use-after-free vulnerability was found in the IPv6 VTI Virtual Tunnel Interface implementation in the Linux kernel. When an IPv6 VTI device uses the SFB Stochastic Fair Blue qdisc, the control block cb field of an skb can be modified during packet enqueuing. The decodesession6 function then rea...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

CVE-2023-53821

In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...

UBUNTU-CVE-2023-53821

In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...

PT-2025-49712

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-next-20230707-00001-g84e2cad7f979 Description The Linux kernel contains a flaw within the ipv6 vti module, specifically in the decode session6 function, that can lead to a slab-use-after-free condition. Thi...

UBUNTU-CVE-2023-53559

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...

CVE-2023-53559 ip_vti: fix potential slab-use-after-free in decode_session6

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...

CVE-2023-53559 ip_vti: fix potential slab-use-after-free in decode_session6

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...

EUVD-2025-23579

Malicious code in bioql PyPI...

CVE-2025-54870 VTun-ng's failure to initialize encryption modules may cause reversion to plaintext

VTun-ng is a Virtual Tunnel over TCP/IP network. In versions 3.0.17 and below, failure to initialize encryption modules might cause reversion to plaintext due to insufficient error handling. The bug was first introduced in VTun-ng version 3.0.12. This is fixed in version 3.0.18. To workaround thi...

SUSE CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

kernel: ip_vti: fix potential slab-use-after-free in decode_session6

A use-after-free flaw was found in the Linux kernel's ipvti IPsec Virtual Tunnel Interface implementation when transmitting IPv6 packets with the SFB qdisc attached. A local user with CAPNETADMIN capability can trigger this issue by configuring an ipvti interface with an SFB qdisc and sending IPv...