388 matches found
CVE-2026-45850
CVE-2026-45850 pertains to the Linux kernel vulnerability where protocol checksum validation for IPv6 could fail if there are extension headers before the IPv6 header. The confirmed fix uses iph->len as the offset to skip extension headers when performing checksum validation. Technical details...
PT-2026-43910
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA/rxe component where the rxe rcv function fails to properly validate the incoming packet length before calculating the payload size. The payload size calculation...
CVE-2026-9054
The provided documents describe CVE-2026-9054 as a network-facing kernel panic triggered when an attacker sends packets (TCP, IL, RUDP, RUDP, or GRE) whose length is shorter than the header size. The description is consistent across NVD entries and related sources, but there are no explicit detai...
Astra Linux – Vulnerability in libpcap
The sf-pcapng.c file in libpcap before version 1.9.1 does not properly validate the PHB header length before allocating memory...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs – validates the length of the inner IPv4 header in the IPTFS payload. Validation of the totlen and ihl fields of the inner IPv4 packet has been added to the process of parsing decrypted IPTFS payloads in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the header. The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostfram...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: fixed null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. The length of the skb header is compared with the value supported by the hardware, which is received from the device control...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv4, ipv6: Fixed the handling of transhdrlen in ip,6appenddata. Including transhdrlen in the packet length is a problem when the packet is partially filled e.g., a sendMSGMORE operation occurred previously when appending to a...
CLSA-2026-1779129849 httpd: Fix of CVE-2026-28780
CVE-2026-28780: modproxyajp: heap-based buffer overflow in ajpmsgcheckheader — message size check did not subtract AJPHEADERLEN, letting a crafted AJP reply write 4 bytes past the end of the heap buffer...
CLSA-2026-1779097389 qemu-kvm: Fix of CVE-2023-6693
fix CVE-2023-6693: virtio-net stack overflow via large guesthdrlen...
SUSE CVE-2026-31747
In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...
SUSE CVE-2026-43037
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...
SUSE CVE-2026-43057
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
EUVD-2026-26656
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
CVE-2026-43057
CVE-2026-43057 concerns the Linux kernel networking stack. The issue arises in how IPv6 traffic with extension headers or with no inner IP protocol is processed when using IPV6_CSUM GSO fallback. The fix, described in the CVE entry and corroborated by Debian/Red Hat advisories, changes the fallba...
CVE-2026-43057
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
CVE-2026-43057 net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
PT-2026-36474
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the network subsystem regarding the handling of tunneled traffic during IPV6 CSUM GSO fallback. The NETIF F IPV6 CSUM flag only supports checksum offload for packets...
ovn: ovn: Heap Over-Read in ICMP Error Response Generation
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the parsemessage function when the NegoEx mechanism is registered in /etc/gss/mech. An attacker can cause process termination by sending specially crafted requests with a short headerlen that...