26 matches found
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Transmitted requests in Xen’s virtual network protocol can consist of multiple parts. Although none of them are actually useful, except for the initial part, any of these parts can be of zero length, meaning they carry no data at all. In addition to the certain initial portion of the data to be...
SUSE-SU-2026:21665-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
SUSE-SU-2026:21662-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
VulnCheck KEV: CVE-2026-43500
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...
xfrm: esp: avoid in-place decrypt on shared skb frags
...
Important: kernel6.18
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: afunix: Give up GC if MSGPEEK intervened. CVE-2026-23394 In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths CVE-2026-23442 In the Linux kernel, the...
Unbreakable Enterprise kernel security update: Dirty Frag
5.4.17-2136.354.4.3 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342682 CVE-2026-43284...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections CVE-2025-68206 In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: reject rev0 reuse of ALARM timer labels...
Important: kernel-livepatch-6.18.15-14.217
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...
CVE-2026-43465
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the XDP multiple buffer fragment count in the net mlx5e RX component. This count does not correct...
SUSE CVE-2026-31616
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...
DEBIAN-CVE-2026-31616
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...
EUVD-2026-25509
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...
CVE-2026-31616
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...
PT-2026-34968
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the USB gadget Phonet function where a USB host can cause an overflow of the skb shared info-frags array. This occurs when the host sends an unbounded sequence of...
SUSE CVE-2026-23172
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb-frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xxdpmaifsetfragtoskb function adds page fragments to an skb without checking if the number of fragments has exceeded...