8 matches found
Oracle Linux 10 : kernel (ELSA-2025-21931)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21931 advisory. - fs/smb: Fix inconsistent refcnt update Paulo Alcantara RHEL-124955 CVE-2025-39819 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. Antoine Tenart...
kernel: tls: make sure to abort the stream if headers are bogus
In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...
tls: make sure to abort the stream if headers are bogus
...
EUVD-2025-32391
In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...
CVE-2025-39946
In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...
CVE-2025-39946 tls: make sure to abort the stream if headers are bogus
In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...
CVE-2025-39946 tls: make sure to abort the stream if headers are bogus
In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...
CVE-2025-39946
CVE-2025-39946 affects the Linux kernel TLS/record parsing path. When a record header is bogus and data arrives in small chunks, tls_rx_msg_size() may not abort early enough, risking skb space overflow due to repeated partial parsing. The fixed behavior aborts the TLS stream as soon as an invalid...