49 matches found
CVE-2026-43107
CVE-2026-43107 concerns the Linux kernel xfrm subsystem. The root cause is that xfrm_aevent_msgsize() did not reserve space for XFRMA_IF_ID, causing build_aevent() to fail with -EMSGSIZE and potentially trigger a kernel panic via a malformed netlink interaction when if_id is set. The fix uncondit...
CVE-2026-43107 xfrm: account XFRMA_IF_ID in aevent size calculation
In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...
PT-2026-37417
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the xfrm component where the xfrm get ae function allocates a reply socket buffer skb using xfrm aevent msgsize, but the build aevent function may append additional...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
SUSE SLES15 Security Update : kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2025:4268-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4268-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: -...
ASB-A-436201996
In xfrmichangelink of xfrminterfacecore.c, there is a possible use after free due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE-SU-2025:21123-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_11
This update for kernel-livepatch-MICRO-6-0-RTUpdate11 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21103-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_11
This update for kernel-livepatch-MICRO-6-0-RTUpdate11 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21099-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_10
This update for kernel-livepatch-MICRO-6-0-RTUpdate10 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21114-1 Security update for kernel-livepatch-MICRO-6-0_Update_10
This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21091-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_9
This update for kernel-livepatch-MICRO-6-0-RTUpdate9 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21086-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778 - CVE-2025-38500: xfrm: interface: fix use-after-free...
SUSE-SU-2025:21119-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data...
SUSE-SU-2025:21120-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21112-1 Security update for kernel-livepatch-MICRO-6-0_Update_9
This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21097-1 Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21110-1 Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:21107-1 Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778 - CVE-2025-38500: xfrm: interface: fix use-after-free...
SUSE-SU-2025:21092-1 Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778 - CVE-2025-38500: xfrm: interface: fix use-after-free...
SUSE-SU-2025:21096-1 Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...