CVE-2026-13351

Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by the fragment-header processing path, the associated RX network packet buffer allocated from a memory...

EUVD-2026-39478

Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by the fragment-header processing path, the associated RX network packet buffer allocated from a memory...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Fixed the deletion of fragment nodes to prevent buffer leaks. After the commit b692bf9a7543 “xsk: Got rid of xdpbuffxsk::xskblistnode”, the listnode field is reused for both the xskb pool list and the buffer free list. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: inet: frags: dropping fraglist and conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. The issue is reported as being triggered by this behavior...

USN-8440-1 linux-azure-6.8 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

GHSA-5XRH-QMMQ-W6CH Netty: SCTP reassembly nests buffers without bound

For each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping the previous accumulator and the new slice into a new CompositeByteBuf every time. After N fragments the accumulator is an N-deep chain of composites, each holding...

PT-2026-44311

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A NULL pointer dereference occurs in the octeon ep vf driver. The function napi build skb can return NULL if an allocation failure occurs. In octep vf oq process rx, the result of this...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fragment transmission helper function failing to propagate the SKBFLSHAREDFRAG bit. This coul...

SUSE-SU-2026:1904-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

TencentOS Server 3: kernel (TSSA-2026:0316)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0316 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-017398)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017398 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

CLSA-2026-1778261513 Update of alt-php

Miscellaneous Ubuntu changes - Packaging: add tuxcare suffix Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present...

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the processing of request paths containing a number sign or its encoded form %23 when using skipauthroutes or skipauthregex settings. An attacker can gain unauthorized access t...

SUSE CVE-2026-23326

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdpbuffxsk::xskblistnode", the listnode field is reused for both the xskb pool list and the buffer free list, this causes a buffer...

EUVD-2026-15279

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdpbuffxsk::xskblistnode", the listnode field is reused for both the xskb pool list and the buffer free list, this causes a buffer...

UBUNTU-CVE-2026-23326

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdpbuffxsk::xskblistnode", the listnode field is reused for both the xskb pool list and the buffer free list, this causes a buffer...

CVE-2026-23326

The CVE-2026-23326 issue is a Linux kernel XSK fragment handling flaw that caused a buffer leak. After commit b692bf9a..., the xskb_list_node reuse between the xskb pool list and the buffer free list meant xp_free() could skip adding a freed buffer to the free list because list_del() did not rein...

CVE-2026-23326 xsk: Fix fragment node deletion to prevent buffer leak

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdpbuffxsk::xskblistnode", the listnode field is reused for both the xskb pool list and the buffer free list, this causes a buffer...

CVE-2026-23326

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdpbuffxsk::xskblistnode", the listnode field is reused for both the xskb pool list and the buffer free list, this causes a buffer...

Linux Distros Unpatched Vulnerability : CVE-2026-23326

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 xsk: Get rid of xdpbuffxsk::xskblistnode, the listnode field is reused for both...