20 matches found
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990457)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990457 advisory. In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth...
Linux Distros Unpatched Vulnerability : CVE-2024-38538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value1 error in bridge device's xmit path by sending a short less...
CVE-2022-49066
In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...
DEBIAN-CVE-2022-49066
In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...
CVE-2022-49066 veth: Ensure eth header is in skb's linear part
In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...
CVE-2022-49066
The CVE-2022-49066 issue affects the Linux kernel’s veth path. When a decapsulated packet is fed to a veth device with act_mirred, skb_headlen() may be 0, yet veth_xmit() forwards the skb to __dev_forward_skb() which unconditionally requires ETH_HLEN bytes of linear data. The root cause is the mi...
CVE-2022-49066 veth: Ensure eth header is in skb's linear part
In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...
CVE-2022-49066
In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...
kernel: virtio-net: tap: mlx5_core short frame denial of service
A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...
kernel: virtio-net: tun: mlx5_core short frame denial of service
A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...
kernel: virtio-net: tap: mlx5_core short frame denial of service
A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...
kernel: net: bridge: xmit: make sure we have at least eth header len bytes
A vulnerability was found in the Linux kernel in the net: bridge component, where the xmit function in the bridge device could trigger an uninitialized value error if a short skb less than the required ETHHLEN bytes is sent. This condition could cause unexpected behavior due to insufficient check...
kernel: net: bridge: xmit: make sure we have at least eth header len bytes
A vulnerability was found in the Linux kernel in the net: bridge component, where the xmit function in the bridge device could trigger an uninitialized value error if a short skb less than the required ETHHLEN bytes is sent. This condition could cause unexpected behavior due to insufficient check...
kernel: net: bridge: xmit: make sure we have at least eth header len bytes
A vulnerability was found in the Linux kernel in the net: bridge component, where the xmit function in the bridge device could trigger an uninitialized value error if a short skb less than the required ETHHLEN bytes is sent. This condition could cause unexpected behavior due to insufficient check...
kernel: virtio-net: tap: mlx5_core short frame denial of service
A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...
UBUNTU-CVE-2024-41091
In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tunxdpone path, which could cause a corrupted skb to be sent downstack. Even before the skb is...
DEBIAN-CVE-2024-38538
In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value1 error in bridge device's xmit path by sending a short less than ETHHLEN bytes skb. To fix it check if we can actually pull that...
UBUNTU-CVE-2024-38538
In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value1 error in bridge device's xmit path by sending a short less than ETHHLEN bytes skb. To fix it check if we can actually pull that...
GSD-2022-1002393 veth: Ensure eth header is in skb's linear part
veth: Ensure eth header is in skb's linear part This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.276 by commit...