112 matches found
SUSE CVE-2026-46306
In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...
Linux Distros Unpatched Vulnerability : CVE-2026-46306
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd doe...
CVE-2026-46306
A flaw was found in the Linux kernel's flow dissector. This vulnerability allows a remote attacker to cause a Denial of Service DoS by sending a specially crafted Point-to-Point Protocol over Ethernet PPPoE Protocol Field Compression PFC frame to an affected system. The incorrect processing of...
CVE-2026-46306
In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...
UBUNTU-CVE-2026-46306
In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...
EUVD-2026-35171
In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...
CVE-2026-46306
In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...
CVE-2026-46306
CVE-2026-46306 — Linux kernel PPPoE PFC flow-dissector fix The vulnerability affects the Linux kernel flow dissector for PPPoE when handling Protocol Field Compression (PFC) frames. A compressed 1-byte Protocol Field can shift the PPP payload by one byte, causing a 4-byte misalignment in the netw...
CVE-2026-46306 flow_dissector: do not dissect PPPoE PFC frames
In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of PPPoE PFC frames in the flowdissector module. This vulnerability may lead to...
PT-2026-47377
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the flow dissector where the processing of PPPoE Protocol Field Compression PFC frames can lead to a 4-byte misalignment of the network header. This misalignment cause...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/core: Fixed the ETHP1588 flow dissector When a PTP Ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, the calculation of the nhoff value is incorrect. For example,...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ppp: Associating skb with a device at tx. Syzkaller triggered a flow dissector warning with the following code: c r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc0802, 0x0 ioctl$PPPIOCNEWUNITr0, 0xc004743e,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: prevent perpetual headroom growth The issue occurred because skb-data points beyond the allocated area of skb-head. This happens because the Neigh layer performs the following code: skbpullskb, skbnetworkoffsetskb;...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, the checkflowkeysaccess function only uses a fixed offset for validation. However, the variable offset ptr isn’t prohibited for this type of pointer. Therefore,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013677)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013677 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010860)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010860 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007512)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007512 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the...
SUSE CVE-2026-23119
In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to skbflowdissect After 3cbf4ffba5ee "net: plumb network namespace into skbflowdissect" we have to provide a net pointer to skbflowdissect, either via skb-dev, skb-sk, or a user provided pointer. In...
CVE-2026-23119
A flaw was found in the Linux kernel's network bonding driver. When performing XDP redirect operations through a bonding interface, the bondflowdissect function fails to provide a network namespace pointer to skbflowdissect. This triggers a kernel warning when processing packets with incomplete...