1244 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the possible use of a null pointer after a failed clone of SKB, which could lead to a null pointer dereference...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992663)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992663 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio...
bpf: Check skb->transport_header is set in bpf_skb_check_mtu
...
SUSE CVE-2023-54094
In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: 62.624003 BUG: kernel NULL pointer dereference, address: 00000000000000c0...
SUSE CVE-2025-68725
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...
CVE-2023-54052
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...
CVE-2023-54052
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...
UBUNTU-CVE-2023-54112
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...
CVE-2023-54114 net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct macoffset to unwind gso skb in nshgsosegment As the call trace shows, skbpanic was caused by wrong skb-macheader in nshgsosegment: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 PID: 2737 Comm: syz Not...
CVE-2023-54112 kcm: Fix memory leak in error path of kcm_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...
CVE-2023-54094
CVE-2023-54094 — Linux kernel : The issue arises when GRO-ed packets (rx-gro-list) are bridged to local input and an egress device, where segmentation writes into cloned skbs with shared heads, risking skb corruption and a NULL dereference. A fix was implemented by uncloning as needed for the skb...
CVE-2023-54094 net: prevent skb corruption on frag list segmentation
In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: 62.624003 BUG: kernel NULL pointer dereference, address: 00000000000000c0...
CVE-2023-54051 net: do not allow gso_size to be set to GSO_BY_FRAGS
In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1 Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel....
CVE-2023-54052 wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...
CVE-2023-54052 wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...
CVE-2022-50732
CVE-2022-50732 affects the Linux kernel, specifically the staging driver rtl8192u. The vulnerability is a use-after-free in the ieee80211_rx flow: the skb pointer must not be dereferenced after the call to ieee80211_monitor_rx(), but it may be if the sequence is not ordered correctly. The descrip...
CVE-2022-50732 staging: rtl8192u: Fix use after free in ieee80211_rx()
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211rx We cannot dereference the "skb" pointer after calling ieee80211monitorrx, because it is a use after free...
UBUNTU-CVE-2025-68725
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...
CVE-2025-68725
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...
CVE-2025-68363
In the Linux kernel, the following vulnerability has been resolved: bpf: Check skb-transportheader is set in bpfskbcheckmtu The bpfskbcheckmtu helper needs to use skb-transportheader when the BPFMTUCHKSEGS flag is used: bpfskbcheckmtuskb, ifindex, &mtulen, 0, BPFMTUCHKSEGS The transportheader is...