CVE-2026-45929

In CVE-2026-45929, Linux kernel ovpn: fix possible use-after-free in ovpn_net_xmit. The vulnerability arises when skb_share_check frees the original skb during skb_list construction, but subsequent operations re-use a now-stale skb pointer (peer lookup, skb_dst_drop, and ovpn_peer_stats_increment...

PT-2026-43796

In the Linux kernel, the following vulnerability has been resolved: ovpn: fix possible use-after-free in ovpn net xmit When building the skb list in ovpn net xmit, skb share check will free the original skb if it is shared. The current implementation continues to use the stale skb pointer for...

EUVD-2026-24817

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

tcp: drop secpath at the same time as we currently drop dst

...

kernel: ipv4: Invalid IP options could cause skb->dst drop

A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4pktinfoprepare function to drop/free the dst. This could result in a system crash or possible privilege escalation...

kernel: ipv4: Invalid IP options could cause skb->dst drop

A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4pktinfoprepare function to drop/free the dst. This could result in a system crash or possible privilege escalation...