Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: erspan: Do not use skbmacheader in ndostartxmit Drivers should not assume that skbmacheaderskb == skb-data in their ndostartxmit functions. Instead, use skbnetworkoffset and skbtransportoffset, which better describe what is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ERSPAN: Ensure that erspanbasehdr is present in skb-head. SYZBOT reported a problem with ip6erspanrcv 1. The issue is that ip6erspanrcv and erspanrcv no longer ensures that erspanbasehdr is present in the linear part of skb-he...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by an attributes called countedbyoptionslen. The compiler will use this information to...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: erspan: Do not assume that the transport header is always set. Rewrite the tests for ip6erspantunnelxmit and erspanfbxmit to not assume that the transport header is set. syzbot reported: WARNING: CPU: 0 PID: 1350 at...

CLSA-2026-1773048865 kernel: Fix of 53 CVEs

xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mtinputconfigured CVE-2024-58020 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - fs: writeback: fix use-after-free in markinodedirty...

SUSE CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

UBUNTU-CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128

CVE-2025-71128 is a Linux kernel vulnerability affecting GRE ERSPAN processing. The issue stems from the ip_tunnel_info structure’s flexible array member options, protected by a count options_len, where the counter must be initialized before first referencing options. The GRE ERSPAN code performe...

Linux Distros Unpatched Vulnerability : CVE-2025-71128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993299 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb ==...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992336 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb ==...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992662 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb ==...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990498)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990498 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspantunnelxmit and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989350)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989350 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspantunnelxmit and...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989393)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989393 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspantunnelxmit and...