73 matches found
CVE-2025-38572 ipv6: reject malicious packets in ipv6_gso_segment()
In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6gsosegment syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb-transportheader. This 16bit field has a limited range. Add...
kernel: net: fix udp gso skb_segment after pull from frag_list
A denial of service vulnerability has been discovered in the Linux kernel's UDP Generic Segmentation Offload GSO functionality. This flaw allows a local, unprivileged user to trigger a kernel crash by generating UDP packets with a specially malformed fraglist geometry. Successful exploitation of...
PT-2025-37228
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to Generic Segmentation Offload GSO and IPv6 packets with extension headers. Specifically, the kernel incorrectly requests checksum offload fo...
net: lan743x: Fix memleak issue when GSO enabled
...
DEBIAN-CVE-2025-38124
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...
UBUNTU-CVE-2025-38124
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...
kernel: net: gso: fix ownership in __udp_gso_segment
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
kernel: net: gso: fix ownership in __udp_gso_segment
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
DEBIAN-CVE-2025-37992
In the Linux kernel, the following vulnerability has been resolved: netsched: Flush gsoskb list too during -change Previously, when reducing a qdisc's limit via the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb list. This could result in NULL...
DEBIAN-CVE-2025-37909
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the skb to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor preven...
CVE-2025-37909
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the skb to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor preven...
UBUNTU-CVE-2025-37909
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the skb to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor preven...
CLSA-2025-1747688831 kernel: Fix of 20 CVEs
drm/dpmst: Ensure mstprimary pointer is valid in drmdpmsthandleupreq CVE-2024-57798 - block: Fix handling of offline queues in blkmqallocrequesthctx CVE-2022-49720 - drm: nv04: Fix out of bounds access CVE-2024-27008 - parport: Proper fix for array out-of-bounds access CVE-2024-50074 - Bluetooth:...
PT-2025-22171
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel when GSO is enabled. The issue occurs because the skb is mapped to the EXT descriptor instead of the LS descriptor when the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Avoid potential underflow in qdiscpktleninit with UFO After committing 7c6d2ecbda83 “net: Be more gentle about silly GSO requests coming from user”, the virtionethdrtoskb function added sanity checks to detect malicious...
gso: fix udp gso fraglist segmentation after pull from frag_list
...
UBUNTU-CVE-2024-49979
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from fraglist Detect tcp gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Vali...
net: drop bad gso csum_start and offset in virtio_net_hdr
...
kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs
In the Linux kernel, the following vulnerability has been resolved: net: core: reject skbcopyexpand for fraglist GSO skbs SKBGSOFRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to prevent a crash on a...
The vulnerability of the gso component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the gso component in Linux operating systems is related to the absence of an external header called ip. Exploiting this vulnerability can allow a perpetrator to cause a service failure...