EUVD-2026-38033

In the Linux kernel, the following vulnerability has been resolved: ip6vti: set netnsimmutable on the fallback device. john1988 and Noam Rathaus reported that vti6initnet does not set the netnsimmutable flag on the per-netns fallback tunnel device ip6vti0. Other similar tunnel drivers like...

CVE-2026-52909

The CVE-2026-5299x family concerns the Linux kernel IPv6 virtual tunnel interfaces. The issue: in vti6_init_net(), the per-netns fallback tunnel device (ip6_vti0) does not set the netns_immutable flag, allowing the device to be moved between network namespaces. This flag is correctly set by other...

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.18.44 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

kernel security update

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RLSA-2026:25217 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

AlmaLinux 9 : kernel (ALSA-2026:25217)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25217 advisory. kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to...

SUSE-SU-2026:2331-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. - CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks...

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

PT-2026-37526

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap buffer overflow exists in the ioam6 fill trace data function. The function relies on the nodelen field from incoming packets to determine the amount of data to write for each node...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/ip6tunnel: Prevents perpetual tunnel growth. Similar to the ipv4tunnel case, the ipv6 version also updates dev-neededheadroom. While the growth of tunnel headroom adjustment in commit 5ae1e9922bbd “net: iptunnel: prevent...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011396 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ip6tunnel: Prevent perpetual tunnel growth Similarly to ipv4 tunnel, ipv6 version updates...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013197 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013037)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013037 advisory. In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the...

SUSE-SU-2026:0473-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. - CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc125254...

CVE-2026-23003

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

CVE-2026-23003 ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv()

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

CVE-2026-23003

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

PT-2026-26581

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the tunnel xmit functions iptunnel xmit, ip6tunnel xmit. These functions lack a recursion limit, which can lead to an infinite recursion loop when a...

PT-2026-4665

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained an issue within the ip6 tunnel component where the code did not properly handle VLAN encapsulations. Specifically, the commit responsible did not account for...