Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1694)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1694 advisory. In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption CVE-2026-31533 In the Linux kernel, the following...

Unbreakable Enterprise kernel security update: Dirty Frag

5.4.17-2136.354.4.3 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342682 CVE-2026-43284...

Important: kernel-livepatch-6.1.166-197.305

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 In the Linux kernel, the...

Important: kernel-livepatch-6.18.8-9.213

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Unbreakable Enterprise kernel security update: Dirty Frag

5.15.0-319.201.4.6 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39342679 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342679 CVE-2026-43284 5.15.0-319.201.4.5 - iommu/arm-smmu-v3: Handle zeroed A4-2C HTTU override settings...

Unbreakable Enterprise kernel security update: Dirty Frag

6.12.0-201.74.2.3 - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present Hyunwoo Kim Orabug: 39342689 CVE-2026-43500 - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets David Howells Orabug: 39342689 - rxrpc: only handle RESPONSE during service challenge Wang Jie...

Important: kernel-livepatch-5.10.248-247.988

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Important: kernel-livepatch-5.10.251-248.983

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Important: kernel-livepatch-6.18.16-18.222

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: afunix: Give up GC if MSGPEEK intervened. CVE-2026-23394 In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths CVE-2026-23442 In the Linux kernel, the...

CVE-2026-7807 SmarterTools SmarterMail < Build 9560 Server Local File Inclusion via the /api/v1/report/summary/{type} API

SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/type API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms...

CLSA-2026-1778261301 Update of alt-php

Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags...

CLSA-2026-1778267481 Update of kernel-uek

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix the following issue: This fixes the DirtyFrag issues: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc and afs modules are disabled bsc1264450 Special Instructions and Notes: Pleas...

EUVD-2026-28535

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

ALSA-2026:A007 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 For more details about the security issues, including the...

AlmaLinux 9 : ALSA-2026:A005kernel (ALSA-2026:A005)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:A005 advisory. kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 Tenable has extracted the preceding description block directly from the AlmaLinux...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...