Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Team: Fix null-ptr-deref when the team device type is changed. The null-ptr-deref bug occurs as follows with a reproducer 1. Bug: Kernel NULL pointer dereferencing. Address: 0000000000000228… … RIP:...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fixed the issue where dereferencing the netdevpriv variable occurred before the type check, in cases where the event is triggered on non-DSA network devices. After the bug was reported, we began handling this...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.11.el7.AXS7 (AXSA:2025-9972:35)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9972:35 advisory. ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices CVE-2024-53197 Bluetooth: L2CAP: Fix slab-use-after-free Read in...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-380618)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380618 advisory. In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-etherne...

DEBIAN-CVE-2023-53365

In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skbunderpanic in ip6mrcachereport skbuff: skbunderpanic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------ cut here ------------ kernel BUG at...

CVE-2023-53365

In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skbunderpanic in ip6mrcachereport skbuff: skbunderpanic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------ cut here ------------ kernel BUG at...

CVE-2023-53365 ip6mr: Fix skb_under_panic in ip6mr_cache_report()

In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skbunderpanic in ip6mrcachereport skbuff: skbunderpanic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------ cut here ------------ kernel BUG at...

CVE-2023-53365 ip6mr: Fix skb_under_panic in ip6mr_cache_report()

In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skbunderpanic in ip6mrcachereport skbuff: skbunderpanic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------ cut here ------------ kernel BUG at...

OESA-2025-2006 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, thi...

OESA-2025-2005 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, thi...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21920)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21920 advisory. - In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21920)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21920 advisory. - In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type...

CVE-2025-23163

In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: 1.211455 ============================================ 1.211571 WARNING: possible recursive locking detected 1.21168...

UBUNTU-CVE-2025-21920

In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...

CVE-2025-21920

CVE-2025-21920 (Linux kernel VLAN subtype): The issue occurs when creating VLAN devices on non-Ethernet underlying devices, which can trigger an out-of-bounds read by dev_mc_add due to __dev_mc_add using dev->addr_len as the multicast length. The underlying cause is not enforcing the underlyin...

CVE-2025-21920 vlan: enforce underlying device type

In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...

CVE-2025-21920 vlan: enforce underlying device type

In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...

DEBIAN-CVE-2021-47555

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...

CVE-2023-52574

In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed Get a null-ptr-deref bug as follows with reproducer 1. BUG: kernel NULL pointer dereference, address: 0000000000000228 ... RIP: 0010:vlandevhardheader+0x35/0x140 8021q...

CVE-2023-52574

In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed Get a null-ptr-deref bug as follows with reproducer 1. BUG: kernel NULL pointer dereference, address: 0000000000000228 ... RIP: 0010:vlandevhardheader+0x35/0x140 8021q...