141 matches found
CVE-2025-39770
In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the GSO stack not properly disabling IPv6 checksum offloading, which could lead to unsupported device...
sctp: linearize cloned gso packets in sctp_rcv
...
CVE-2025-38718 sctp: linearize cloned gso packets in sctp_rcv
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctprcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uninitialized-memory bugs...
CVE-2025-38718 sctp: linearize cloned gso packets in sctp_rcv
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctprcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uninitialized-memory bugs...
CVE-2025-38622
In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...
CVE-2025-38622
In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...
CVE-2025-38622
CVE-2025-38622 — Linux kernel UDP/GSO issue : The vulnerability occurs in the UDP receive path when a packet with virtio_net_hdr using SKB_GSO_UDP and a gso_size smaller than the UDP header can trigger a crash in skb_pull_rcsum, leading to a kernel BUG in net/core/skbuff.c and a local attacker ma...
AZL-73854 CVE-2025-38572 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6gsosegment syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb-transportheader. This 16bit field has a limited range. Add...
CVE-2025-38572 ipv6: reject malicious packets in ipv6_gso_segment()
In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6gsosegment syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb-transportheader. This 16bit field has a limited range. Add...
kernel: net: fix udp gso skb_segment after pull from frag_list
A denial of service vulnerability has been discovered in the Linux kernel's UDP Generic Segmentation Offload GSO functionality. This flaw allows a local, unprivileged user to trigger a kernel crash by generating UDP packets with a specially malformed fraglist geometry. Successful exploitation of...
PT-2025-37228
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to Generic Segmentation Offload GSO and IPv6 packets with extension headers. Specifically, the kernel incorrectly requests checksum offload fo...
net: ethernet: cortina: Use TOE/TSO on all TCP
...
net: lan743x: Fix memleak issue when GSO enabled
...
UBUNTU-CVE-2025-38331
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb-len to the "TOE/TSO" offloader and it will handle them. Without this quirk...
CVE-2025-38331
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb-len to the "TOE/TSO" offloader and it will handle them. Without this quirk...
PT-2025-29053
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's ethernet/cortina driver related to the TCP Offload Engine TOE and TCP Segmentation Offload TSO features. The issue causes instability, lockups, and...
DEBIAN-CVE-2025-38124
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...
UBUNTU-CVE-2025-38124
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of udp gso segmentation, which could lead to memory corruption...