
24 matches found

EUVD
added 2 days ago, 3 views

EUVD-2026-39326

In the Linux kernel, the following vulnerability has been resolved: net: add pskb_may_pull to skb_gro_receive_list skb_gro_receive_list() calls skb_pull(skb, skb_gro_offset(skb)) without first ensuring the data is in the linear area via pskb_may_pull(). When the skb arrives via napi_gro_frags(), skb_headlen() can be 0 all...

AI score 5.7, EPSS 0.00175
Exploits 0, References 4
RedHat Linux
added 5 days ago, 4 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload (GRO) networking subsystem. This vulnerability occurs when skb_gro_receive() attempts to merge zerocopy socket buffers (skbs) without properly managing page reference counts, specifically when the SKBFL_MANAGED_FRAG_REFS flag is set. An attacker...

CVSS 7.8, AI score 6.1, EPSS 0.0012
Exploits 0, References 11
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fixed potential use-after-free in hisi_femac_rx() The skb object is passed to napi_gro_receive(), which may free it. After calling this function, dereferencing the skb object may trigger a use-after-free...

CVSS 7.8, AI score 5.7, EPSS 0.00238
Exploits 0, References 2
Tenable Nessus
added 2026/06/09 12:0 a.m., 21 views

Linux Distros Unpatched Vulnerability : CVE-2026-46323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: gro: don't merge zcopy skbs skb_gro_receive() can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular...

CVSS 7.8, AI score 5.9, EPSS 0.0012
Exploits 0, References 4
CNNVD
added 2026/06/09 12:0 a.m., 14 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function skb_gro_receive(), which does not check the zero-copy status during the copy of frags,...

CVSS 7.8, AI score 5.3, EPSS 0.0012
Exploits 0, References 1
Cvelist
added 2026/05/23 11:44 a.m., 16 views

CVE-2026-46300 net: skbuff: preserve shared-frag marker during coalescing

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backe...

CVSS 7.8, EPSS 0.03663
Exploits 10, References 8
CVE
added 2026/05/23 11:44 a.m., 263 views

CVE-2026-46300

The CVE-2026-46300 issue affects the Linux kernel's net: skbuff code: skb_try_coalesce() can transfer paged frags from one skb to another while losing the SKBFL_SHARED_FRAG marker, breaking the invariant relied on by ESP decryption logic. This can allow an in-place decrypt path to operate on page...

CVSS 7.8, AI score 6, EPSS 0.03663
Exploits 10, References 12, Affected Software 1
AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: gro: fixed ownership transfer If packets are received using GRO, they may be segmented later on and continue their journey within the stack. In skb_segment_list(), these segments can be reused as they are. This is a problem because...

CVSS 5.5, AI score 6.1, EPSS 0.00232
Exploits 0, References 2
OSV
added 2026/05/16 12:20 p.m., 11 views

CLSA-2026-1778930898 kernel: Fix of CVE-2026-46300

ptrace: require CAP_SYS_PTRACE when task has no mm - net: udp_offload: propagate SKBFL_SHARED_FRAG in skb_gro_receive_list CVE-2026-46300...

CVSS 7.8, AI score 6, EPSS 0.03663
Exploits 10, References 1
Tenable Nessus
added 2025/11/05 12:0 a.m., 1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989304 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive()...

CVSS 7.8, AI score 5.9, EPSS 0.00238
Exploits 0, References 4
Tenable Nessus
added 2025/10/07 12:0 a.m., 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986693 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive()...

CVSS 7.8, AI score 5.9, EPSS 0.00238
Exploits 0, References 4
BDU FSTEC
added 2025/06/23 12:0 a.m., 4 views

The vulnerability of the `udp_gro_receive()` function in the `net/ipv4/udp_offload.c` module of the Linux operating system’s IPv4 protocol implementation allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the udp_gro_receive() function in the net/ipv4/udp_offload.c module of the Linux operating system’s IPv4 protocol implementation is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVSS 5.5, AI score 5.9, EPSS 0.00208
Exploits 0, References 9, Affected Software 1
BDU FSTEC
added 2024/11/21 12:0 a.m., 5 views

The vulnerability of the UDP component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the udp component in the Linux operating system’s kernel is related to a memory corruption in the udp_gro_receive() function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 8.8, AI score 6.6, EPSS 0.00669
Exploits 0, References 37, Affected Software 7
SUSE CVE
added 2024/10/22 2:23 p.m., 5 views

SUSE CVE-2022-48962

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free...

CVSS 8.3, AI score 7.7, EPSS 0.00238
Exploits 0, References 14
OSV
added 2024/10/21 8:15 p.m., 3 views

DEBIAN-CVE-2022-48964

In the Linux kernel, the following vulnerability has been resolved: ravb: Fix potential use-after-free in ravb_rx_gbeth() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free...

CVSS 7.8, AI score 6.3, EPSS 0.00227
Exploits 0, References 1
OSV
added 2024/10/21 8:15 p.m., 2 views

UBUNTU-CVE-2022-48960

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free...

CVSS 7.8, AI score 6.1, EPSS 0.00238
Exploits 0, References 11
OSV
added 2024/09/18 8:15 a.m., 2 views

DEBIAN-CVE-2024-46763

In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocol in struct fou. When fou_release() is called due to netns...

CVSS 5.5, AI score 5.7, EPSS 0.00238
Exploits 0, References 1
SUSE CVE
added 2024/08/27 2:24 a.m., 3 views

SUSE CVE-2024-44940

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ONCE in gue_gro_receive() if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

CVSS 7.8, AI score 6.3, EPSS 0.00245
Exploits 0, References 4
OSV
added 2024/08/26 12:15 p.m., 6 views

AZL-49140 CVE-2024-44940 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ONCE in gue_gro_receive() if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

CVSS 7.8, AI score 6.3, EPSS 0.00245
Exploits 0, References 1
OSV
added 2024/08/26 12:15 p.m., 1 views

DEBIAN-CVE-2024-44940

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ONCE in gue_gro_receive() if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

CVSS 7.8, AI score 5.7, EPSS 0.00245
Exploits 0, References 1