15 matches found
kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type confusion addition When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should place every geneveopt structure one by one compactly. Hence, when deciding the next...
EUVD-2025-11240
Malicious code in bioql PyPI...
EUVD-2025-11242
Malicious code in bioql PyPI...
net: fix geneve_opt length integer overflow
...
SUSE CVE-2025-22056
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type confusion addition When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should place every geneveopt structure one by one compactly. Hence, when deciding the next...
CVE-2025-22056
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type confusion addition When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should place every geneveopt structure one by one compactly. Hence, when deciding the next...
CVE-2025-22055
In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink policies cannot promi...
CVE-2025-22056
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type confusion addition When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should place every geneveopt structure one by one compactly. Hence, when deciding the next...
CVE-2025-22056
The CVE-2025-22056 issue affects the Linux kernel nft_tunnel handling of NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, where the parse/dump logic performed type conversions before pointer arithmetic, causing a slab-out-of-bounds write. The fix is to perform pointer addition using char* units and correc...
CVE-2025-22056 netfilter: nft_tunnel: fix geneve_opt type confusion addition
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type confusion addition When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should place every geneveopt structure one by one compactly. Hence, when deciding the next...
CVE-2025-22056 netfilter: nft_tunnel: fix geneve_opt type confusion addition
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type confusion addition When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should place every geneveopt structure one by one compactly. Hence, when deciding the next...
CVE-2025-22055
CVE-2025-22055 is a Linux kernel issue in net: geneve_opt length overflow. A 5-bit length (max 128 bytes) for each option can be abused by sending a 128-byte option to fake a zero-length option, enabling heap out-of-bounds read during parsing. Connected sources describe the root cause and show a ...
CVE-2025-22055
In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink policies cannot promi...
CVE-2025-22055 net: fix geneve_opt length integer overflow
In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink policies cannot promi...
CVE-2025-22055 net: fix geneve_opt length integer overflow
In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink policies cannot promi...