Lucene search
+L

73 matches found

OSV
OSV
added 2026/05/28 9:35 a.m.2 views

CVE-2026-46120 ip6_gre: Use cached t->net in ip6erspan_changelink().

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head syzbot reported a problem in ip6erspanrcv 1 Issue is that ip6erspanrcv and erspanrcv no longer make sure erspanbasehdr is present in skb linear part skb-head before getting...

5.5CVSS6.3AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: erspan: Do not assume that the transport header is always set. Rewrite the tests for ip6erspantunnelxmit and erspanfbxmit to not assume that the transport header is set. syzbot reported: WARNING: CPU: 0 PID: 1350 at...

5.5CVSS6.3AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: erspan: Do not use skbmacheader in ndostartxmit. Drivers should not assume that skbmacheaderskb == skb-data in their ndostartxmit functions. Instead, use skbnetworkoffset and skbtransportoffset, which better describe what is...

7.8CVSS6.2AI score0.00194EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo structure has a flexible array member named options, which is protected by the countedbyoptionslen attribute. The compiler uses this information to...

5.5CVSS5.6AI score0.00124EPSS
Exploits0References1
OSV
OSV
added 2026/03/09 9:34 a.m.13 views

CLSA-2026-1773048865 kernel: Fix of 53 CVEs

xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mtinputconfigured CVE-2024-58020 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - fs: writeback: fix use-after-free in markinodedirty...

8CVSS7AI score0.00618EPSS
Exploits6References1
SUSE CVE
SUSE CVE
added 2026/01/16 12:26 a.m.6 views

SUSE CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS6.6AI score0.00124EPSS
Exploits0References4
NVD
NVD
added 2026/01/14 3:16 p.m.8 views

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS0.00124EPSS
Exploits0References2
OSV
OSV
added 2026/01/14 3:16 p.m.7 views

UBUNTU-CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/01/14 3:7 p.m.33 views

CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

0.00124EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/01/14 3:7 p.m.9 views

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS5.5AI score0.00124EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:7 p.m.6 views

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.4AI score0.00124EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/01/14 3:7 p.m.5 views

CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS5.5AI score0.00124EPSS
Exploits0References5
CVE
CVE
added 2026/01/14 3:7 p.m.20 views

CVE-2025-71128

CVE-2025-71128 is a Linux kernel vulnerability affecting GRE ERSPAN processing. The issue stems from the ip_tunnel_info structure’s flexible array member options, protected by a count options_len, where the counter must be initialized before first referencing options. The GRE ERSPAN code performe...

5.5CVSS6.2AI score0.00124EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a...

5.5CVSS6.1AI score0.00124EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993299 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb ==...

7.8CVSS6.4AI score0.00194EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992662 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb ==...

7.8CVSS6.4AI score0.00194EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992336 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb ==...

7.8CVSS6.4AI score0.00194EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990498)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990498 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspantunnelxmit and...

5.5CVSS5.4AI score0.00274EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989393)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989393 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspantunnelxmit and...

5.5CVSS5.4AI score0.00274EPSS
Exploits0References4
Rows per page
Query Builder