1373 matches found
EUVD-2026-42870
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
kernel: net/sched: act_pedit: extend the writable skb range per key
A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...
The vulnerability of the skbuff network component in Linux operating system kernels allows attackers to increase their privileges.
The vulnerability of the skbuff network component in Linux operating systems is related to insufficient resource control during its existence. Exploiting this vulnerability can allow attackers to enhance their privileges...
net: mvpp2: refill RX buffers before XDP or skb use
...
netdevsim: zero initialize struct iphdr in dummy sk_buff
...
udp: clear skb->dev before running a sockmap verdict
...
net: skbuff: fix missing zerocopy reference in pskb_carve helpers
...
Bluetooth: RFCOMM: validate skb length in MCC handlers
...
net: openvswitch: fix possible kfree_skb of ERR_PTR
...
netfilter: nf_queue: hold bridge skb->dev while queued
...
CVE-2026-52997
A flaw was found in the Linux kernel's schdualpi2 qdisc queueing discipline component. When dualpi2change attempts to enforce updated limit and memory limit values, it may incorrectly try to dequeue packets from an empty C-queue while packets are present in the L-queue. This can lead to a NULL sk...
CVE-2026-52981
A flaw was found in the Linux kernel. The neighxmit function, when called with an uninitialized neighbor table such as NEIGHNDTABLE when IPv6 is disabled, can return an error without properly releasing the allocated skb socket buffer. This can lead to a memory leak, potentially impacting system...
CVE-2026-53227
A flaw was found in the Linux kernel's Open vSwitch OVS component. This issue occurs due to incorrect error handling during the allocation of a 'reply' skb socket buffer after locking the ovsmutex. If the allocation fails, an invalid pointer may be passed to kfreeskb, leading to a system crash an...
CVE-2026-53215
A flaw was found in the Linux kernel's mvpp2 network driver. This vulnerability occurs due to incorrect handling of receive RX buffers, where a buffer is returned to the hardware Buffer Manager BM pool after it has been passed to the eXpress Data Path XDP or attached to a socket buffer skb. This...
CVE-2026-52993
A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC module. This vulnerability, a double-free, occurs when the tipcbufappend function incorrectly handles memory after a socket buffer skb reallocation. An attacker could potentially exploit this to cause system...
CVE-2026-53009
A flaw was found in the Linux kernel's ice network driver. An error in the driver's handling of network packet transmission, specifically when icetso or icetxcsum functions fail, can lead to a double-free of a network buffer skb. This occurs because a transmit buffer txbuf may still point to an...
EUVD-2026-39337
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...