USN-7699-1 linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...

Linux Distros Unpatched Vulnerability : CVE-2021-46955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernel...

Linux Distros Unpatched Vulnerability : CVE-2022-49959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation...

net: openvswitch: Fix the dead loop of MPLS parse

...

Linux Distros Unpatched Vulnerability : CVE-2023-52977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of...

NewStart CGSL MAIN 7.02 : openvswitch Multiple Vulnerabilities (NS-SA-2025-0196)

The remote NewStart CGSL host, running version MAIN 7.02, has openvswitch packages installed that are affected by multiple vulnerabilities: - A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow ...

net: openvswitch: fix nested key length validation in the set() action

...

DEBIAN-CVE-2025-38146

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse The unexpected MPLS packet may not end with the bottom label stack. When there are many stacks, The label count value has wrapped around. A dead loop occurs, soft lockup/CPU stuck...

UBUNTU-CVE-2025-38146

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse The unexpected MPLS packet may not end with the bottom label stack. When there are many stacks, The label count value has wrapped around. A dead loop occurs, soft lockup/CPU stuck...

CVE-2025-38146 net: openvswitch: Fix the dead loop of MPLS parse

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse The unexpected MPLS packet may not end with the bottom label stack. When there are many stacks, The label count value has wrapped around. A dead loop occurs, soft lockup/CPU stuck...

USN-7595-5 linux-gcp, linux-gcp-6.8 vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

USN-7595-4 linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

USN-7595-3 linux-raspi-realtime vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

USN-7596-2 linux-azure-nvidia vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...

CVE-2022-49959

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...

UBUNTU-CVE-2022-49959

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...

CVE-2022-49959

The CVE-2022-49959 entry concerns a memory-leak in the Linux kernel related to openvswitch datapath creation. The root cause was that ovs_dp_cmd_new()->ovs_dp_change()->ovs_dp_set_upcall_portids() allocated an array with kmalloc but did not always free dp->upcall_portids when new_vport()...

CVE-2022-49959

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from openvswitch not freeing memory when a datapath creation fails, potentially leading to a memory leak...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b "net: do not delay dstentriesadd in dstrelease" moved decrementing the dst count from dstdestroy to dstrelease to avoid accessing already freed data in cas...