Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450. Special Instructions and Notes: Plea...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...

CVE-2026-31649

A flaw was found in the Linux kernel's stmmac network driver. An integer underflow vulnerability in the jumbofrm function, when processing specially crafted fragmented network packets, can lead to a memory disclosure and potential memory corruption. This issue allows an attacker to read arbitrary...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013401 advisory. In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the...

CVE-2025-59024 Crafted delegations or IP fragments can poison cached delegations in Recursor

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2025-59024

Crafted delegations or IP fragments can poison cached delegations in Recursor...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000713 advisory. The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000993)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000993 advisory. The batadvfragmergepackets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000903)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000903 advisory. net/ipv6/netfilter/nfconntrackreasm.c in the Linux kernel before 2.6.34, when the nfconntrackipv6 module is enabled, allows remote attackers to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002337 advisory. net/ipv6/netfilter/nfconntrackreasm.c in the Linux kernel before 2.6.34, when the nfconntrackipv6 module is enabled, allows remote attackers to cause a denial of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001840)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001840 advisory. The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000673 advisory. drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted...

CVE-1999-0588

A filter in a router or firewall allows unusual fragmented packets...

CVE-1999-0240

Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy...

CVE-1999-0602

A network intrusion detection system IDS does not properly reassemble fragmented packets...

CVE-2025-68388

Allocation of resources without limits or throttling CWE-770 allows an unauthenticated remote attacker to cause excessive allocation CAPEC-130 of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat...

kernel: net/sched: act_ct: fix skb leak and crash on ooo frags

A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user...

Linux Distros Unpatched Vulnerability : CVE-2023-53822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an uninitialized peer receiving fragmented packets, which could lead to a null pointer exception...

kernel: net/sched: act_ct: fix skb leak and crash on ooo frags

A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user...