85 matches found
EUVD-2026-42870
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: Preserve the shared-frag marker during coalescing The skbtrycoalesce function can attach paged fragments from @from to @to. If @from has the SKBFLSHAREDFRAG flag set, the resulting @to skb can contain the same...
CVE-2026-46300 net: skbuff: preserve shared-frag marker during coalescing
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skbtrycoalesce can attach paged frags from @from to @to. If @from has SKBFLSHAREDFRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backe...
CVE-2026-43503
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the skbtrycoalesce function does not propagate the SKBFLSHAREDFRAG flag during...
PT-2026-42878
Name of the Vulnerable Software and Affected Versions Linux kernel versions 7.1-rc1 through 7.1-rc4 Description A local privilege escalation issue exists in the Linux networking stack skbuff component due to the improper propagation of the SKBFL SHARED FRAG flag during fragment transfers. Several...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fixed a potential NULL dereference in ethtoolsetcoalesce. ethtoolsetcoalesce now uses both .getcoalesce and .setcoalesce callbacks. However, the check for their availability is buggy. Therefore, changing the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3 – A buffer overflow vulnerability may occur when reading coalesce info via debugfs. The hns3 driver defines an array of strings to store coalesce info. However, if the kernel introduces a new mode or state, a buffer...
The vulnerability of the skb_try_coalesce() function in the Linux operating system allows a hacker to increase their privileges.
The vulnerability of the skbtrycoalesce function in the Linux operating system is related to the execution of operations outside of the buffer boundaries. Exploiting this vulnerability can allow an attacker to enhance their privileges...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013688)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013688 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs The hns3...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011362)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011362 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs The hns3...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006660)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006660 advisory. In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the...
CVE-2026-23057 vsock/virtio: Coalesce only linear skb
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...
CVE-2026-23057 vsock/virtio: Coalesce only linear skb
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...
CVE-2026-23057
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...
CVE-2026-23057
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004095)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004095 advisory. An issue was discovered in the Linux kernel through 5.6.11. btreegccoalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. Tenable has...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000443)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000443 advisory. An issue was discovered in the Linux kernel through 5.6.11. btreegccoalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. Tenable has...