Количество 19
Количество 19
CVE-2025-40149
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU.
CVE-2025-40149
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU.
CVE-2025-40149
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU.
CVE-2025-40149
tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().
CVE-2025-40149
In the Linux kernel, the following vulnerability has been resolved: t ...
GHSA-f2w5-mmwp-c76h
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU.
BDU:2025-14952
Уязвимость функции get_netdev_for_sock() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
ELSA-2026-50133
ELSA-2026-50133: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2026-50094
ELSA-2026-50094: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2025:4521-1
Security update for the Linux Kernel
SUSE-SU-2025:4505-1
Security update for the Linux Kernel
SUSE-SU-2025:4422-1
Security update for the Linux Kernel
SUSE-SU-2025:4516-1
Security update for the Linux Kernel
SUSE-SU-2025:4393-1
Security update for the Linux Kernel
SUSE-SU-2025:4517-1
Security update for the Linux Kernel
openSUSE-SU-2025:20172-1
Security update for the Linux Kernel
SUSE-SU-2026:0316-1
Security update for the Linux Kernel
ELSA-2026-50145
ELSA-2026-50145: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2026-50112
ELSA-2026-50112: Unbreakable Enterprise kernel security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-40149 In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU. | CVSS3: 7.8 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-40149 In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU. | CVSS3: 5 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-40149 In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU. | CVSS3: 7.8 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-40149 tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). | CVSS3: 5.5 | 0% Низкий | 7 месяцев назад |
| CVE-2025-40149 In the Linux kernel, the following vulnerability has been resolved: t ... | CVSS3: 7.8 | 0% Низкий | 7 месяцев назад |
| GHSA-f2w5-mmwp-c76h In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU. | CVSS3: 7.8 | 0% Низкий | 7 месяцев назад |
 | BDU:2025-14952 Уязвимость функции get_netdev_for_sock() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5 | 0% Низкий | 9 месяцев назад |
| ELSA-2026-50133 ELSA-2026-50133: Unbreakable Enterprise kernel security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2026-50094 ELSA-2026-50094: Unbreakable Enterprise kernel security update (IMPORTANT) | 5 месяцев назад | ||
 | SUSE-SU-2025:4521-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2025:4505-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2025:4422-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2025:4516-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2025:4393-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2025:4517-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| openSUSE-SU-2025:20172-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2026:0316-1 Security update for the Linux Kernel | 5 месяцев назад | ||
| ELSA-2026-50145 ELSA-2026-50145: Unbreakable Enterprise kernel security update (IMPORTANT) | 3 месяца назад | ||
| ELSA-2026-50112 ELSA-2026-50112: Unbreakable Enterprise kernel security update (IMPORTANT) | 4 месяца назад |
Уязвимостей на страницу