1343 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-52993
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being...
Linux Distros Unpatched Vulnerability : CVE-2026-53102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: Fix memory leak after mt76connacmcuallocstareq mt76connacmcuallocstareq allocates an skb which is expected to be freed eventually by...
CVE-2026-52912
A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because a queued bridge packet can retain a freed bridge master in its skb-dev field until it is reinjected. When the packet is later reinjected, the system attempts to use the freed bridge master, leading to a...
EUVD-2026-38877
In the Linux kernel, the following vulnerability has been resolved: ice: fix double-free of txbuf skb If icetso or icetxcsum fail, the error path in icexmitframering frees the skb, but the 'first' txbuf still points to it and is marked as valid ICETXBUFSKB. 'nexttouse' remains unchanged, so the...
EUVD-2026-38842
In the Linux kernel, the following vulnerability has been resolved: net: tls: fix strparser anchor skb leak on offload RX setup failure When tlssetdeviceoffloadrx fails at tlsdevadd, the error path calls tlsswfreeresourcesrx to clean up the SW context that was initialized by tlssetswoffload. This...
CVE-2026-53096
In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but this function runs under RCU protection called from...
CVE-2026-52993
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being called with a pointer to a local variable which was a copy of the...
EUVD-2026-38979
In the Linux kernel, the following vulnerability has been resolved: bpf: testrun: Fix the null pointer dereference issue in bpflwtxmitpushencap The bpflwtxmitpushencap helper needs to access skbdstskb-dev to calculate the needed headroom: err = skbcowheadskb, len + LLRESERVEDSPACEskbdstskb-dev; B...
EUVD-2026-38947
In the Linux kernel, the following vulnerability has been resolved: netsched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdiscrunend, it operates on the root qdisc. If the root qdisc do not implement the TCQFDEQUEUEDROPS flag the packets que...
CVE-2026-53009
The CVE-2026-53009 issue affects the Linux kernel ice network driver. When ice_tso() or ice_tx_csum() fail, the error path in ice_xmit_frame_ring() frees the skb, but the first tx_buf may still reference it and be marked ICE_TX_BUF_SKB, with next_to_use unchanged. If there is no subsequent packet...
CVE-2026-52993 tipc: fix double-free in tipc_buf_append()
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being called with a pointer to a local variable which was a copy of the...
CVE-2026-52993
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being called with a pointer to a local variable which was a copy of the...
CVE-2026-52982
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix use-after-free in rtl8150startxmit syzbot reported a KASAN slab-use-after-free read in rtl8150startxmit when accessing skb-len for tx statistics after usbsubmiturb has been called: BUG: KASAN:...
CVE-2026-52981
CVE-2026-52981 concerns a Linux kernel issue in neigh_xmit: when called with an uninitialized neighbor table (e.g., NEIGH_ND_TABLE with IPv6 disabled), neigh_xmit can return -EAFNOSUPPORT without releasing the skb, risking a memory leak. The fix removes the remaining code path that could neither ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Bonding: A net pointer to skbflowdissect must be provided. After the code “net: plumb network namespace into skbflowdissect”, we need to provide a net pointer to skbflowdissect, either via skb-dev, skb-sk, or a user-provided...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: espintcp: fixed skb leaks. Several error paths now include a kfreeskb...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fou: Do not allow the value 0 for FOUATTRIPPROTO. The function fouudprecv has the same issue mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, the buffer skb is neither freed by fouudprecv nor sent via "resubmit"-ed...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: wlcore – Ensure skbheadroom before calling skbpush. This fix prevents occasional skbunderpanic errors in wl1271txwork. In this case, the allocated headroom is less than necessary typically 110 – 94 = 16 bytes...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fixed a memory leak in mt7615mcuwtblstaadd. In mt7615mcuwtblstaadd, an skb object named sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing the...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: 6lowpan: resetting the link-local header in the IPv6 receive path The Bluetooth 6lowpan.c netdev module has the headerops function; therefore, it must set the link-local header for the RX skb packet. Otherwise, thin...