90 matches found
EUVD-2026-38719
In the Linux kernel, the following vulnerability has been resolved: batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once all fragments are collected and the packet is reassembled,...
CVE-2026-52916
The CVE-2026-52916 issue affects the Linux kernel’s BATMAN-adv fragment handling. batadv_frag_skb_buffer() is invoked when a BATADV_UNICAST_FRAG packet is received, and after defragmentation, batadv_batman_skb_recv() processes the payload again. A malicious sender could craft a BATADV_UNICAST_FRA...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211 – Fixed an issue where out-of-bounds access occurred during the multi-link element defragmentation process. Currently, during the multi-link element defragmentation process, the length of the multi-link element is...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for defragmentation path triggering jbd2 assertion. Code paths: - ocfs2ioctlmoveextents - ocfs2moveextents - ocfs2defragextent - ocfs2moveextent - + ocfs2journalaccessdi - + ocfs2splitextent // Sub-path calls...
Suricata 8.x < 8.0.5 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is 8.x prior to 8.0.5. It is, therefore, affected by multiple vulnerabilities, including: - LDAP transaction state could store an unbounded number of responses. Because LDAP can be processed over UDP, crafted traffic may cause Suricata to...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actct: fix skb leak and crash on ooo frags actct adds skb-users before defragmentation. If frags arrive in order, the reference of the last frag is reset in inetfragreasmprepare, skbmorph. This is not straightforwar...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks. As Paolo mentioned earlier 1: “Since the problematic commit below, classify can return TCACTCONSUMED while holding a skb that is currently being...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007582)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007582 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stal...
CVE-2026-23270
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
CVE-2026-23270
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
UBUNTU-CVE-2026-23270
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
CVE-2026-23270 net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
CVE-2026-23270
CVE-2026-23270 pertains to the Linux kernel net/sched subsystem. The fix restricts the use of TC action act_ct to only bind to clsact/ingress qdiscs and shared blocks, preventing its use on the egress path. The change addresses a scenario where classify could return TC_ACT_CONSUMED while the skb ...
CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
UBUNTU-CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
EUVD-2026-5078
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
CVE-2026-23016 inet: frags: drop fraglist conntrack references
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
CVE-2026-23016
The CVE concerns the Linux kernel’s conntrack/frag handling (inet: frags: drop fraglist conntrack references). A bug allows reassembled skb fragments to retain nf_conn references via frag_list, causing conntrack cleanup to block (hangs up to ~60s) when fragmentation/reassembly occurs (UDP/TCP pat...
PT-2026-5519
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nf conntrack cleanup net list to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce...