14 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, the splat operation in skbpullreason can cause an issue. The syzkaller build with CONFIGDEBUGNET=y frequently triggers a debug hint in skbmaypull. We would like to keep this debug check because it might indicate...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mptcp: Handle DDS corruption consistently. The buggy peer implementation may send corrupted DSS options, consistently causing several warnings in the data path. Use DEBUGNET assertions to avoid errors on some builds and to handle...
PT-2025-52899
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The bpf skb check mtu helper in the Linux kernel does not properly validate the skb-transport header, potentially leading to issues when the BPF MTU CHK SEGS flag is used. Specifically,...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: idpf: fixed checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb when the transport header is not yet set. This triggers the following warning in builds with CONFIGDEBUGNET=y:...
SUSE CVE-2025-21890
In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb while the transport header is not set yet. This triggers the following warning for CONFIGDEBUGNET=y builds. DEBUGNETWARNONONCE!skbtransportheaderwassetskb...
DEBIAN-CVE-2025-21890
In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb while the transport header is not set yet. This triggers the following warning for CONFIGDEBUGNET=y builds. DEBUGNETWARNONONCE!skbtransportheaderwassetskb...
CVE-2025-21890 idpf: fix checksums set in idpf_rx_rsc()
In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb while the transport header is not set yet. This triggers the following warning for CONFIGDEBUGNET=y builds. DEBUGNETWARNONONCE!skbtransportheaderwassetskb...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: Use DEBUGNETWARNONONCE. The following issue is easy to reproduce both upstream and in the -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 “net: add and use skbgethashsymmetricnet"...
SUSE CVE-2024-50185
In the Linux kernel, the following vulnerability has been resolved: mptcp: handle consistently DSS corruption Bugged peer implementation can send corrupted DSS options, consistently hitting a few warning in the data path. Use DEBUGNET assertions, to avoid the splat on some builds and handle...
SUSE CVE-2024-42321
In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...
AZL-68357 CVE-2024-42321 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...
DEBIAN-CVE-2024-42321
In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...
SUSE CVE-2024-40996
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskbpullreason syzkaller builds CONFIGDEBUGNET=y frequently trigger a debug hint in pskbmaypull. We'd like to retain this debug check because it might hint at integer overflows and other issues kernel code...
UBUNTU-CVE-2024-40996
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskbpullreason syzkaller builds CONFIGDEBUGNET=y frequently trigger a debug hint in pskbmaypull. We'd like to retain this debug check because it might hint at integer overflows and other issues kernel code...