Lucene search
K

28 matches found

RedHat Linux
RedHat Linux
added 6 days ago5 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
OSV
OSV
added 2026/06/04 9:13 p.m.14 views

USN-8390-1 linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.2AI score0.93235EPSS
Exploits31References2
Ubuntu
Ubuntu
added 2026/06/04 9:9 p.m.15 views

USN-8389-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6AI score0.93235EPSS
Exploits36
AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.1 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: Preserve the shared-frag marker during coalescing The skbtrycoalesce function can attach paged fragments from @from to @to. If @from has the SKBFLSHAREDFRAG flag set, the resulting @to skb may contain the same...

7.8CVSS6.7AI score0.03663EPSS
Exploits11References3
ATTACKERKB
ATTACKERKB
added 2026/05/23 11:44 a.m.12 views

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

5.7AI score0.00135EPSS
Exploits7References16Affected Software1
CVE
CVE
added 2026/05/23 11:44 a.m.311 views

CVE-2026-43503

The CVE-2026-43503 entry concerns Linux kernel net/skbuff handling: when frags are moved by frag-transfer helpers (notably __pskb_copy_fclone() and skb_shift()), the SKBFL_SHARED_FRAG flag was not propagated to the destination skb, causing destination pages to remain shared while skb_has_shared_f...

8.8CVSS5.8AI score0.00135EPSS
Exploits7References41Affected Software1
EUVD
EUVD
added 2026/05/23 11:44 a.m.13 views

EUVD-2026-31536

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

5.8AI score0.00135EPSS
Exploits7References7
Cvelist
Cvelist
added 2026/05/23 11:44 a.m.17 views

CVE-2026-43503 net: skbuff: propagate shared-frag marker through frag-transfer helpers

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

8.8CVSS0.00135EPSS
Exploits7References8
RedHat Linux
RedHat Linux
added 2026/05/21 2:50 p.m.3 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2026/05/20 3:47 p.m.3 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2026/05/20 1:8 p.m.3 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2026/05/20 1:3 p.m.2 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2026/05/20 6:55 a.m.3 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
OSV
OSV
added 2026/05/13 10:5 a.m.5 views

SUSE-SU-2026:1840-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. - CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450...

8.8CVSS6AI score0.93235EPSS
Exploits33References5
OSV
OSV
added 2026/05/12 8:59 a.m.9 views

SUSE-SU-2026:21636-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix the following security issues: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. - CVE-2026-43500: rxrpc: unshare DATA/RESPONSE packets when paged frags are present bsc1264450...

8.8CVSS6.1AI score0.93235EPSS
Exploits33References5
OSV
OSV
added 2026/05/11 11:16 a.m.3 views

SUSE-SU-2026:21622-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 RT kernel was updated to fix the following issues: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. - CVE-2026-43500: rxrpc: unshare DATA/RESPONSE packets when paged frags are present bsc1264450...

8.8CVSS6AI score0.93235EPSS
Exploits33References5
EUVD
EUVD
added 2026/05/11 9:30 a.m.9 views

EUVD-2026-29037

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References4
NVD
NVD
added 2026/05/11 8:16 a.m.40 views

CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS0.92766EPSS
Exploits20References9
UbuntuCve
UbuntuCve
added 2026/05/11 8:16 a.m.15 views

CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS6AI score0.92766EPSS
Exploits20References6
OSV
OSV
added 2026/05/11 8:16 a.m.7 views

UBUNTU-CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS6AI score0.92766EPSS
Exploits20References25
Rows per page
Query Builder