1244 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: A potential memory leak has been fixed in bcmaspxmit. bcmaspxmit returns NETDEVTXOK without freeing the skb in case of mapping failures. Add devkfreeskb to address this issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ionic: Use devconsumeskbany outside of the NAPI context. If we are not in an NAPI softirq context, we need to be careful about how we call napiconsumeskb. Specifically, we need to call it with budget==0 to signal that we are not ...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
A flaw was discovered in the Linux kernel’s networking code. A use-after-free occurred in the way the schsfb enqueue function utilized the socket buffer SKB cb field after the same SKB had been enqueued and freed into a child qdisc. This flaw allows a local, unprivileged user to cause a system...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Avoid referencing uninitialized memory in ath9kwmictrlrx. The reasons for this fix are also described in commit b383e8abed41 “Wifi: ath9k – Avoid uninitialized memory reading in ath9khtcrxmsg”. In ath9khtcrxmsg, it ...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actct: fix skb leak and crash on ooo frags actct adds skb-users before defragmentation. If frags arrive in order, the reference of the last frag is reset in inetfragreasmprepare, skbmorph. This is not straightforwar...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fixed a possible memory leak in the mt7915mcuaddsta routine. The allocated skb was freed in the mt7915mcuaddsta routine in case of failures...
Linux Distros Unpatched Vulnerability : CVE-2026-43011
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/x25: Fix potential double free of skb When allocskb fails in x25queuerxframe it calls kfreeskbskb at line 48 and returns 1 error. This error propagates bac...
CVE-2026-43011
A flaw was found in the Linux kernel's X.25 networking component. This vulnerability, a double free, occurs when a socket buffer skb allocation fails in x25queuerxframe, causing the same skb to be freed twice. This improper memory handling can lead to a system crash, resulting in a Denial of...
CVE-2026-43036
In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...
CVE-2026-43029
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lockup in mptcprecvmsg syzbot reported a soft lockup in mptcprecvmsg 0. When receiving data with MSGPEEK | MSGWAITALL flags, the skb is not removed from the skreceivequeue. This causes skwaitdata to always find...
EUVD-2026-26638
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...
CVE-2026-43038 ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...
CVE-2026-43037
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...
CVE-2026-43037
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...
EUVD-2026-26636
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...
EUVD-2026-26628
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lockup in mptcprecvmsg syzbot reported a soft lockup in mptcprecvmsg 0. When receiving data with MSGPEEK | MSGWAITALL flags, the skb is not removed from the skreceivequeue. This causes skwaitdata to always find...
CVE-2026-43011 net/x25: Fix potential double free of skb
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When allocskb fails in x25queuerxframe it calls kfreeskbskb at line 48 and returns 1 error. This error propagates back through the call chain: x25queuerxframe returns 1 | v x25state3machi...
CVE-2026-43011
The CVE-2026-43011 issue concerns the Linux kernel net/x25 path where a skb may be freed twice due to a double-free path: if alloc_skb fails in x25_queue_rx_frame, kfree_skb(skb) is called, and later x25_backlog_rcv may free the same skb again, causing a crash/DoS. Public advisories confirm this ...
CVE-2026-43011
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When allocskb fails in x25queuerxframe it calls kfreeskbskb at line 48 and returns 1 error. This error propagates back through the call chain: x25queuerxframe returns 1 | v x25state3machi...
CVE-2026-43011
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When allocskb fails in x25queuerxframe it calls kfreeskbskb at line 48 and returns 1 error. This error propagates back through the call chain: x25queuerxframe returns 1 | v x25state3machi...