kernel: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()

A flaw was found in the ath9k USB Wi-Fi driver in the Linux kernel. In certain conditions within the ath9khifusbregincb path, a socket buffer skb may be freed prematurely and then freed again on an error path, leading to a use-after-free condition. Additionally, failure to allocate a new skb can...

PT-2025-18871 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.4-cloudflare-kasan-2023.1.2 Description: A use-after-free issue has been identified in the Linux kernel, specifically in the veth module. This issue arises when the pskb expand head function is used to expan...

USN-6441-2 linux-gcp-5.4 vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

USN-6440-1 linux, linux-aws, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 It was discovere...

kernel: denial of service problem in net/unix/diag.c

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unixdiaggetexact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service...

DEBIAN-CVE-2023-42754

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...

CVE-2023-42754

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...

AZL-31271 CVE-2023-42754 affecting package kernel for versions less than 5.15.135.1-2

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...

CVE-2023-42754

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...

CVE-2023-42754

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...

CVE-2023-42754

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

PT-2025-53189

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the kcm sendmsg function. The issue occurs when an error happens after some bytes have been copied during message sending, leaving the last skb...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

Python TLS Handshake Bypass (CVE-2023-40217)

The version of Python installed on the remote Windows host is potentially affected by a vulnerability that primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly,...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

PT-2025-49645

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the mt76 and mt7921 components related to SDIO header handling. Specifically, the mt7921 usb sdio tx prepare skb function does not adequately ensu...

kernel: remote DoS in TIPC kernel module

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of skb-cb initialization, which can be exploited by an attacker to cause the existence of heap-based...