28 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: Fixed the truesize for the mb-xdp-pass case. When mb-xdp is set and return is XDPPASS, the packet is converted from xdpbuff to skbuff using xdpupdateskbsharedinfo in bnxtxdpbuildskb. However, bnxtxdpbuildskb passes an...
SUSE CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46322
A flaw was found in the Linux kernel's tun driver. This vulnerability occurs when the buildskb function fails within tunxdpone, leading to a failure to free an allocated memory page. Each such failure results in a memory leak, where a 'page-frag chunk' is not released. Over time, repeated...
UBUNTU-CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46322
The CVE relates to the Linux kernel tun driver vulnerability CVE-2026-46322. When build_skb() fails inside tun_xdp_one(), the function returns -ENOMEM without freeing the allocated page for the frame, causing a memory leak of one page-frag chunk per failed build_skb() in a batch. The root cause i...
CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
Linux Distros Unpatched Vulnerability : CVE-2026-46322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns...
PT-2026-47757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tap get user xdp function. When a frame is shorter than ETH HLEN, the function returns -EINVAL; similarly, it returns -ENOMEM if build skb fails. In both...
CVE-2026-46188
In the Linux kernel, the following vulnerability has been resolved: octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading t...
EUVD-2026-32815
In the Linux kernel, the following vulnerability has been resolved: octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading t...
CVE-2026-46188
CVE-2026-46188 affects the Linux kernel in the octeon_ep_vf driver. The vulnerability arises because napi_build_skb() can return NULL on allocation failure and __octep_vf_oq_process_rx() uses the result without checking for NULL in both the single-buffer and multi-fragment paths, causing a NULL p...
CVE-2026-46188
In the Linux kernel, the following vulnerability has been resolved: octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading t...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: qede: ensure that the skb is allocated before use. qedebuildskb assumes that buildskb always works and proceeds directly to skbreserve. However, buildskb may fail under memory pressure. This results in a kernel panic because the...
CVE-2026-43039
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991212)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991212 advisory. In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qedebuildskb assumes buildskb always works and goes...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990532)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990532 advisory. In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qedebuildskb assumes buildskb always works and goes...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988726)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988726 advisory. In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qedebuildskb assumes buildskb always works and goes...
EUVD-2022-55276
Malicious code in bioql PyPI...
SUSE CVE-2022-49997
In the Linux kernel, the following vulnerability has been resolved: net: lantiqxrx200: restore buffer if memory allocation failed In a situation where memory allocation fails, an invalid buffer address is stored. When this descriptor is used again, the system panics in the buildskb function when...