112 matches found
GHSA-QH5X-RFWF-RVFV Hysteria vulnerable to server crash when max_datagram_frame_size very small
Summary An authenticated client can crash the Hysteria server by advertising a very small QUIC maxdatagramframesize and then triggering a UDP response from the server. When the server tries to send the UDP response back via QUIC DATAGRAM, quic-go returns DatagramTooLargeError. The server then...
CVE-2026-53151
A flaw was found in the Linux kernel's AFRXRPC subsystem. This vulnerability involves incorrect handling of fragmented UDP packets when parsing the SACK Selective Acknowledgment table. An attacker could potentially craft a fragmented UDP packet to trigger an incorrect buffer access within the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail of a data structure may have some unexpected side effects if a program uses a helper function like BPFFUNCskbpulldata to read partial content beyond th...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013327)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013327 advisory. In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49978)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49978 advisory. - In the Linux kernel, the following vulnerability has been resolved: gso: fix udp gso fraglist segmentation...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000645 advisory. The udp6ufofragment function in net/ipv6/udpoffload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly perform a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002406)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002406 advisory. The udp6ufofragment function in net/ipv6/udpoffload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly perform a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002275)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002275 advisory. net/ipv6/ip6output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload UFO processing of small packets after the...
EUVD-2011-4258
Malware in sbrugna...
EUVD-2013-4421
Malware in sbrugna...
EUVD-2013-4268
Malware in sbrugna...
EUVD-2013-4338
Malware in sbrugna...
DEBIAN-CVE-2022-50365
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...
CVE-2022-50365
CVE-2022-50365 pertains to the Linux kernel's skb tail handling during pull operations. The issue can arise when a program uses helpers like BPF_FUNC_skb_pull_data to read content beyond the skb headlen if all fragments are linear, potentially triggering a kernel BUG in net/core/skbuff.c:4219. Th...
CVE-2022-50365 skbuff: Account for tail adjustment during pull operations
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...
DEBIAN-CVE-2025-38622
In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...
SUSE CVE-2025-38124
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for set...
PT-2025-34384
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc7 Description: A flaw exists in the Linux kernel related to handling UDP packets with specific configurations. Specifically, when a packet with a virtio net hdr is sent to a tun device with SKB GSO UDP...
PT-2024-33820
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: The issue concerns the Linux kernel, where a vulnerability has been resolved related to the handling of UDP GSO fraglist segmentation after data is pulled from the frag list. This occurs when...