17 matches found
EUVD-2025-12885
Malicious code in bioql PyPI...
CVE-2025-38124
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...
CVE-2025-38124
CVE-2025-38124 affects the Linux kernel UDP GSO fraglist handling. The vulnerability arises when a frag_list GSO skb has part of its payload pulled into head_skb, causing the frag_list SKBs to lose their expected geometry and triggering a failure in skb_segment. The description specifies the inva...
CVE-2022-49872
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix panic on fraglist with mixed head alloc types Since commit 3dcbdb134f32 "net: gso: Fix skbsegment splat when splitting gsosize mangled skb having linear-headed fraglist", it is allowed to change gsosize of a GRO...
CVE-2022-49872
The CVE-2022-49872 issue affects the Linux kernel’s net: gso path. A GRO packet can have its gso_size changed and the existing assumption that checking the first list_skb member is sufficient is violated when skbs on the frag_list have differing head_frag heads. This can trigger a BUG_ON in skb_s...
SUSE CVE-2024-49979
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from fraglist Detect tcp gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Vali...
CVE-2024-35884 udp: do not accept non-tunnel GSO skbs landing in a tunnel
In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various issues and...
CVE-2024-26921
In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...
CVE-2024-26921 inet: inet_defrag: prevent sk release while still in use
In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...
CVE-2024-26921 inet: inet_defrag: prevent sk release while still in use
In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...
CVE-2021-47162
In the Linux kernel, the following vulnerability has been resolved: tipc: skblinearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's fraglist if the fraglist already has skbs from elsewhere, such as this skb was created by pskbcopy where the fraglist w...
CVE-2021-47162
In the Linux kernel, the following vulnerability has been resolved: tipc: skblinearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's fraglist if the fraglist already has skbs from elsewhere, such as this skb was created by pskbcopy where the fraglist w...
GSD-2022-1008357 net: gso: fix panic on frag_list with mixed head alloc types
net: gso: fix panic on fraglist with mixed head alloc types This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.334 by commit...
GSD-2022-1008309 net: gso: fix panic on frag_list with mixed head alloc types
net: gso: fix panic on fraglist with mixed head alloc types This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.300 by commit...
GSD-2022-1008250 net: gso: fix panic on frag_list with mixed head alloc types
net: gso: fix panic on fraglist with mixed head alloc types This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...
GSD-2022-1008178 net: gso: fix panic on frag_list with mixed head alloc types
net: gso: fix panic on fraglist with mixed head alloc types This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...
GSD-2022-1008085 net: gso: fix panic on frag_list with mixed head alloc types
net: gso: fix panic on fraglist with mixed head alloc types This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.155 by commit...