Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450. Special Instructions and Notes: Plea...

CVE-2026-31649

A flaw was found in the Linux kernel's stmmac network driver. An integer underflow vulnerability in the jumbofrm function, when processing specially crafted fragmented network packets, can lead to a memory disclosure and potential memory corruption. This issue allows an attacker to read arbitrary...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013401 advisory. In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the...

CVE-2025-59024 Crafted delegations or IP fragments can poison cached delegations in Recursor

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2025-59024

Crafted delegations or IP fragments can poison cached delegations in Recursor...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000903)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000903 advisory. net/ipv6/netfilter/nfconntrackreasm.c in the Linux kernel before 2.6.34, when the nfconntrackipv6 module is enabled, allows remote attackers to cause a denial of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000713 advisory. The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000993)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000993 advisory. The batadvfragmergepackets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002337 advisory. net/ipv6/netfilter/nfconntrackreasm.c in the Linux kernel before 2.6.34, when the nfconntrackipv6 module is enabled, allows remote attackers to cause a denial of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001840)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001840 advisory. The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000673 advisory. drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted...

CVE-1999-0588

A filter in a router or firewall allows unusual fragmented packets...

CVE-1999-0240

Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy...

CVE-1999-0602

A network intrusion detection system IDS does not properly reassemble fragmented packets...

CVE-2025-68388

Allocation of resources without limits or throttling CWE-770 allows an unauthenticated remote attacker to cause excessive allocation CAPEC-130 of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat...

kernel: net/sched: act_ct: fix skb leak and crash on ooo frags

A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an uninitialized peer receiving fragmented packets, which could lead to a null pointer exception...

Linux Distros Unpatched Vulnerability : CVE-2023-53822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done...

kernel: net/sched: act_ct: fix skb leak and crash on ooo frags

A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user...

kernel: net/sched: act_ct: fix skb leak and crash on ooo frags

A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user...