12548 matches found
bpf: Check skb->transport_header is set in bpf_skb_check_mtu
...
SUSE CVE-2023-54085
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated sock to the caller. The fastopen path does not...
SUSE CVE-2023-54094
In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: 62.624003 BUG: kernel NULL pointer dereference, address: 00000000000000c0...
SUSE CVE-2025-68725
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...
EUVD-2023-60303
In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in gtpencapdestroy. syzkaller reported use-after-free in gtpencapdestroy. 0 It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 "gtp: fix suspicious RCU usage" added locksock a...
EUVD-2023-60330
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...
CVE-2023-54115
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...
CVE-2023-54052
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...
CVE-2022-50783
In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflow was IPv6. It is important to use the right destructor to avoid memory leaks with some advanced IPv...
CVE-2023-54052
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...
CVE-2023-54115
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...
UBUNTU-CVE-2023-54112
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...
UBUNTU-CVE-2023-54052
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...
UBUNTU-CVE-2023-54115
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...
CVE-2023-54115 pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...
CVE-2023-54115
CVE-2023-54115 involves a memory leak in the Linux kernel PCMCIA subsystem: nonstatic_release_resource_db() may forget to free socket_data when freeing resources for a PCMCIA socket. A fix ensures socket_data is freed as part of the cleanup. Details appear in vendor advisories (e.g., Astra/Unity/...
CVE-2023-54114 net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct macoffset to unwind gso skb in nshgsosegment As the call trace shows, skbpanic was caused by wrong skb-macheader in nshgsosegment: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 PID: 2737 Comm: syz Not...
CVE-2023-54115 pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...
CVE-2023-54112 kcm: Fix memory leak in error path of kcm_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...
CVE-2023-54094
CVE-2023-54094 — Linux kernel : The issue arises when GRO-ed packets (rx-gro-list) are bridged to local input and an egress device, where segmentation writes into cloned skbs with shared heads, risking skb corruption and a NULL dereference. A fix was implemented by uncloning as needed for the skb...