CVE-2024-36886 tipc: fix UAF in error path

In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...

CVE-2024-26641 ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

CVE-2023-52435 net: prevent mss overflow in skb_segment()

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...