PT-2025-33588

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to memory allocation for the skb shared info member of an skb socket buffer during the transition from netdev alloc ip align to build skb...

Linux Distros Unpatched Vulnerability : CVE-2025-37757

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: fix memory leak in tipclinkxmit In case the backlog transmit queue for system-importance messages is overloaded, tipclinkxmit returns -ENOBUFS but the skb...

Linux Distros Unpatched Vulnerability : CVE-2025-38165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling skblinearize The panic can be reproduced by executing t...

Linux Distros Unpatched Vulnerability : CVE-2022-50172

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mt76: mt76x02u: fix possible memory leak in mt76x02umcusendmsg Free the skb if mt76ubulkmsg fails in mt76x02umcusendmsg routine. CVE-2022-50172 Note that Nessus...

kernel: wifi: ath12k: fix invalid access to memory

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12kdprxmsducoalesce, rxcb is fetched from skb and boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the rxcb-iscontinuation accessed again which is wrong...

kernel: ipv6: mcast: extend RCU protection in igmp6_send()

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...

Linux Distros Unpatched Vulnerability : CVE-2024-35970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: afunix: Clear stale u-oobskb. syzkaller started to report deadlock of unixgclock after commi...

Linux Distros Unpatched Vulnerability : CVE-2025-21925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices not supporting IFFTXSKBSHARING. In this case, e1000 driver cal...

Linux Distros Unpatched Vulnerability : CVE-2023-52577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccpv4err/dccpv6err again dh-dccphx is the 9th byte offset 8 in struct dccphdr, no...

Linux Distros Unpatched Vulnerability : CVE-2022-48958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ethernet: aeroflex: fix potential skb leak in grethinitrings The grethinitrings function won't free the newly allocated skb when dmamappingerror returns error, ...

Linux Distros Unpatched Vulnerability : CVE-2025-21961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eth: bnxt: fix truesize for mb-xdp-pass case When mb-xdp is set and return is XDPPASS, packet is converted from xdpbuff to skbuff with xdpupdateskbsharedinfo in...

Linux Distros Unpatched Vulnerability : CVE-2025-37749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ppp: Add bound checking for skb data on pppsynctxmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents...

Linux Distros Unpatched Vulnerability : CVE-2022-48722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154xmitcomplete helper is...

Linux Distros Unpatched Vulnerability : CVE-2023-53062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: smsc95xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the...

net: clear the dst when changing skb protocol

...

atm: atmtcp: Free invalid length skb in atmtcp_c_send().

...

net_sched: sch_sfq: fix a potential crash on gso_skb handling

...

Linux Distros Unpatched Vulnerability : CVE-2024-26825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: nci: free rxdatareassembly skb on NCI device cleanup rxdatareassembly skb is stored during NCI data exchange for processing fragmented packets. It is dropp...

kernel: net: atm: fix use after free in lec_send()

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...

UBUNTU-CVE-2025-38490

In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate pagepoolputfullpage pagepoolputfullpage should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant...