Количество 15
Количество 15
CVE-2025-40139
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock() after kernel_getsockname(). Note that the returned value of smc_clc_prfx_set() is not used in the caller. While at it, we change the 1st arg of smc_clc_prfx_set[46]_rcu() not to touch dst there.
CVE-2025-40139
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock() after kernel_getsockname(). Note that the returned value of smc_clc_prfx_set() is not used in the caller. While at it, we change the 1st arg of smc_clc_prfx_set[46]_rcu() not to touch dst there.
CVE-2025-40139
smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set().
CVE-2025-40139
In the Linux kernel, the following vulnerability has been resolved: s ...
GHSA-ffj5-vpjf-2hxm
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock() after kernel_getsockname(). Note that the returned value of smc_clc_prfx_set() is not used in the caller. While at it, we change the 1st arg of smc_clc_prfx_set[46]_rcu() not to touch dst there.
BDU:2025-16144
Уязвимость модуля net/smc/smc_clc.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:4521-1
Security update for the Linux Kernel
SUSE-SU-2025:4505-1
Security update for the Linux Kernel
SUSE-SU-2025:4422-1
Security update for the Linux Kernel
SUSE-SU-2025:4516-1
Security update for the Linux Kernel
SUSE-SU-2025:4393-1
Security update for the Linux Kernel
SUSE-SU-2025:4517-1
Security update for the Linux Kernel
openSUSE-SU-2025:20172-1
Security update for the Linux Kernel
SUSE-SU-2026:0316-1
Security update for the Linux Kernel
SUSE-SU-2026:0317-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-40139 In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock() after kernel_getsockname(). Note that the returned value of smc_clc_prfx_set() is not used in the caller. While at it, we change the 1st arg of smc_clc_prfx_set[46]_rcu() not to touch dst there. | 0% Низкий | 3 месяца назад | |
 | CVE-2025-40139 In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock() after kernel_getsockname(). Note that the returned value of smc_clc_prfx_set() is not used in the caller. While at it, we change the 1st arg of smc_clc_prfx_set[46]_rcu() not to touch dst there. | 0% Низкий | 3 месяца назад | |
 | CVE-2025-40139 smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). | 0% Низкий | 2 месяца назад | |
| CVE-2025-40139 In the Linux kernel, the following vulnerability has been resolved: s ... | 0% Низкий | 3 месяца назад | |
| GHSA-ffj5-vpjf-2hxm In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock() after kernel_getsockname(). Note that the returned value of smc_clc_prfx_set() is not used in the caller. While at it, we change the 1st arg of smc_clc_prfx_set[46]_rcu() not to touch dst there. | 0% Низкий | 3 месяца назад | |
 | BDU:2025-16144 Уязвимость модуля net/smc/smc_clc.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.8 | 0% Низкий | 5 месяцев назад |
 | SUSE-SU-2025:4521-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:4505-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:4422-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:4516-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:4393-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:4517-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| openSUSE-SU-2025:20172-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2026:0316-1 Security update for the Linux Kernel | 12 дней назад | ||
| SUSE-SU-2026:0317-1 Security update for the Linux Kernel | 12 дней назад |
Уязвимостей на страницу