9 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2025-21867)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21867 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue i...
Oracle Linux 10 : kernel (ELSA-2025-14009)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14009 advisory. - tls: always refresh the queue when reading sock - CVE-2025-38471 - net: fix udp gso skbsegment after pull from fraglist - CVE-2025-38124 - Bluetoot...
CVE-2025-21867 affecting package kernel for versions less than 6.6.82.1-1
CVE-2025-21867 affecting package kernel for versions less than 6.6.82.1-1. An upgraded version of the package is available that resolves this issue...
SUSE CVE-2025-21867
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue in ethskbpkttype KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed skb's data that didn't contain an Ethernet header. This occur...
CVE-2025-21867
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue in ethskbpkttype KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed skb's data that didn't contain an Ethernet header. This occur...
CVE-2025-21867
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue in ethskbpkttype KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed skb's data that didn't contain an Ethernet header. This occur...
CVE-2025-21867
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue in ethskbpkttype KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed skb's data that didn't contain an Ethernet header. This occur...
CVE-2025-21867 bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue in ethskbpkttype KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed skb's data that didn't contain an Ethernet header. This occur...
CVE-2025-21867
CVE-2025-21867 concerns the Linux kernel’s BPF test_run path, where eth_skb_pkt_type() could read skb data without an Ethernet header if bpf_prog_test_run_xdp() passed an invalid user_data value. KMSAN reported a use-after-free in this path. The root cause is access to data that may not contain E...