10 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: xfrm6: Check the return value of ip6dstidev in xfrm6getsaddr. ip6dstidev can return NULL, and xfrm6getsaddr must act accordingly. syzbot reported: Oops: General protection fault, likely due to a non-canonical address...
EUVD-2026-32799
In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...
SUSE CVE-2026-43139
In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...
CVE-2026-43139
A flaw was found in the Linux kernel's xfrm6 subsystem. This vulnerability occurs because the xfrm6getsaddr function does not properly check the return value of ipv6devgetsaddr. This oversight can result in an uninitialized source address being used, potentially leading to system instability or a...
CVE-2026-43139
In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...
MiracleLinux 9 : kernel-5.14.0-427.40.1.el9_4 (AXSA:2024-8938:33)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8938:33 advisory. kernel: Local information disclosure on IntelR AtomR processors CVE-2023-28746 kernel: netfilter: nftflowoffload: reset dst in route object after...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-395462)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-395462 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr...
SUSE CVE-2024-40959
In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the xfrm6 component failing to properly check the return value of the ip6dstidev function when obtaining a...
PT-2012-3357 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.22 Description: The issue is related to a double free vulnerability in the xfrm6 tunnel rcv function. This vulnerability can be exploited by remote attackers who send crafted IPv6 packets, potentially causin...