Количество 113
Количество 113
CVE-2025-38477
In the Linux kernel, the following vulnerability has been resolved: n ...
ELSA-2025-15782
ELSA-2025-15782: kernel security update (MODERATE)
GHSA-vwv2-838r-2q6p
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_close() for each tipc_conn. The problem is that tipc_conn_close() is called after releasing the IDR lock. At the same time, there might be tipc_conn_recv_work() running and it could call tipc_conn_close() for the same tipc_conn and release its last ->kref. Once we release the IDR lock in tipc_topsrv_stop(), there is no guarantee that the tipc_conn is alive. Let's hold the ref before releasing the lock and put the ref after tipc_conn_close() in tipc_topsrv_stop(). [0]: BUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165 Read of size 8 at addr ffff888099305a08 by task kworker/u4:3/435 CPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0 Hardware name: Google Go...
BDU:2025-09817
Уязвимость функции tipc_conn_close() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:03583-1
Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3)
SUSE-SU-2025:03576-1
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)
SUSE-SU-2025:03568-1
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)
SUSE-SU-2025:03562-1
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5)
SUSE-SU-2025:03552-1
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4)
SUSE-SU-2025:03550-1
Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4)
SUSE-SU-2025:03497-1
Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5)
SUSE-SU-2025:03485-1
Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5)
SUSE-SU-2025:03479-1
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)
SUSE-SU-2025:03473-1
Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP6)
GHSA-79vc-v8qm-8x53
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats.
BDU:2025-09177
Уязвимость функции qfq_aggregate() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:03572-1
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7)
SUSE-SU-2025:03567-1
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)
SUSE-SU-2025:03561-1
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP5)
SUSE-SU-2025:03551-1
Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2025-38477 In the Linux kernel, the following vulnerability has been resolved: n ... | 0% Низкий | 4 месяца назад | |
| ELSA-2025-15782 ELSA-2025-15782: kernel security update (MODERATE) | около 2 месяцев назад | ||
| GHSA-vwv2-838r-2q6p In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_close() for each tipc_conn. The problem is that tipc_conn_close() is called after releasing the IDR lock. At the same time, there might be tipc_conn_recv_work() running and it could call tipc_conn_close() for the same tipc_conn and release its last ->kref. Once we release the IDR lock in tipc_topsrv_stop(), there is no guarantee that the tipc_conn is alive. Let's hold the ref before releasing the lock and put the ref after tipc_conn_close() in tipc_topsrv_stop(). [0]: BUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165 Read of size 8 at addr ffff888099305a08 by task kworker/u4:3/435 CPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0 Hardware name: Google Go... | 0% Низкий | 4 месяца назад | |
 | BDU:2025-09817 Уязвимость функции tipc_conn_close() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.3 | 0% Низкий | 5 месяцев назад |
 | SUSE-SU-2025:03583-1 Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03576-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03568-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03562-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03552-1 Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03550-1 Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03497-1 Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03485-1 Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03479-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7) | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:03473-1 Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP6) | 0% Низкий | около 1 месяца назад | |
| GHSA-79vc-v8qm-8x53 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats. | 0% Низкий | 4 месяца назад | |
| BDU:2025-09177 Уязвимость функции qfq_aggregate() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7 | 0% Низкий | 4 месяца назад |
| SUSE-SU-2025:03572-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7) | около 1 месяца назад | ||
| SUSE-SU-2025:03567-1 Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6) | около 1 месяца назад | ||
| SUSE-SU-2025:03561-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP5) | около 1 месяца назад | ||
| SUSE-SU-2025:03551-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4) | около 1 месяца назад |
Уязвимостей на страницу