Astra Linux - уязвимость в linux-5.10, linux

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. This vulnerability affects the function vsockconnect in the file net/vmwvsock/afvsock.c. Manipulation of this function leads to a memory leak. The complexity of an attack is quite high. Exploitation of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010736 advisory. A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file...

Oracle Linux 7 : kernel (ELSA-2026-3685)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3685 advisory. - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50134)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50134 advisory. - xfrm: delete x-tunnel as we delete x Sabrina Dubroca Orabug: 39016501 CVE-2025-40215 - crypto: afalg - Fix incorrect boolean values in afalgctx...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1430)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1430 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has...

Oracle Linux 10 : kernel (ELSA-2026-1690)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1690 advisory. - RDMA/core: Fix 'KASAN: slab-use-after-free Read in ibregisterdevice' problem CKI Backport Bot RHEL-134363 CVE-2025-38022 - ASoC: Intel: bytcrrt5640:...

CLSA-2026-1770032032 kernel: Fix of 63 CVEs

mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory CVE-2025-39883 - comedi: aioiiro16: Fix bit shift out of bounds CVE-2025-38529 - comedi: das6402: Fix bit shift out of bounds CVE-2025-38482 - comedi: pcl812: Fix bit shift out of bounds CVE-2025-38530 - comedi: das16m1: Fix...

Oracle Linux 8 : kernel (ELSA-2026-1142)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1142 advisory. - ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping CKI Backport Bot RHEL-129107 CVE-2025-40154 - Bluetooth: hcievent: call disconnect callback...

Unbreakable Enterprise kernel security update

5.4.17-2136.351.3.3 - crypto: afalg - Fix incorrect boolean values in afalgctx Eric Biggers Orabug: 38884602 CVE-2025-40022...

Unbreakable Enterprise kernel security update

5.4.17-2136.351.3.2 - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38855323 CVE-2025-40280 - tipc: simplify the finalize work queue Xin Long Orabug: 38855323 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38855319 CVE-2025-40248 ...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50007)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50007 advisory. - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38788585 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang...

Unbreakable Enterprise kernel security update

5.15.0-316.196.4.1 - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38788585 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38788587 CVE-2025-40271 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38788594...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040 In the Lin...

Unbreakable Enterprise kernel security update

5.15.0-315.196.5.2 - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38786195 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38786194 CVE-2025-40271 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38786193...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990431)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990431 advisory. In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsockconnect...

CVE-2025-1290

A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...

PT-2025-16924 · Google · Kernel

Name of the Vulnerable Software and Affected Versions: ChromeOS Kernel versions prior to 6.1 ChromeOS Kernel version 5.4 Description: A race condition Use-After-Free vulnerability exists in the virtio transport space update function. Concurrent allocation and freeing of the virtio vsock sock...

The vulnerability of the vsock_connect() function in the net/vmw_vsock/af_vsock.c module of the Linux kernel component IPsec, which allows a attacker to cause a service failure

The vulnerability of the vsockconnect function in the net/vmwvsock/afvsock.c module of the Linux kernel’s IPsec component is related to improper handling of block usage counters for sockets. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

DEBIAN-CVE-2022-3629

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file net/vmwvsock/afvsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It ...

UBUNTU-CVE-2022-3629

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file net/vmwvsock/afvsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It ...