CVE-2026-45859

A flaw was found in the Linux kernel's netfilter nfnetlinkqueue component. This vulnerability occurs when an application does not set the FGSO capability flag and a Generic Segmentation Offload GSO packet with an unconfirmed netfilter connection nfconn entry is received. Due to an incorrect order...

CVE-2026-45929 ovpn: fix possible use-after-free in ovpn_net_xmit

In the Linux kernel, the following vulnerability has been resolved: ovpn: fix possible use-after-free in ovpnnetxmit When building the skblist in ovpnnetxmit, skbsharecheck will free the original skb if it is shared. The current implementation continues to use the stale skb pointer for subsequent...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: The gsoskb list is also flushed during the -change operation. Previously, when reducing the limit of a qdisc using the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Networking layer: prevented MSB overflow in skbSegment. Once again, syzbot is able to crash the kernel in skbSegment. GSOBYFRAGS is a forbidden value, but unfortunately the following calculation in skbSegment can easily result...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Rejected malicious packets in ipv6gsoSegment. syzbot was able to create a packet with very long IPv6 extension headers, leading to an overflow of the skb-transportheader field. This 16-bit field has a limited range. Add...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Zeroed unused hash fields When a GSO tunnel is negotiated, the virtionethdrtnlfromskb function attempts to initialize the tunnel metadata. However, it forgets to zero the unused rxhash fields. This could lead to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: udp: Do not accept non-tunnel GSO packets that land in a tunnel. When rx-udp-gro-forwarding is enabled, UDP packets may be forwarded in a way that causes them to land in a tunnel. This can lead to various issues. udpgroreceive...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: gso: The ownership in udpgsosegment was corrected. In udpgsosegment, the skb destructor is removed before the skb is segmented, but the reference to the socket remains intact. This issue arises if the original skb becomes...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use the correct macoffset to unwind gsoskb in nshgsosegment As shown in the call trace, the skbpanic error occurred due to an incorrect skb-macheader value in nshgsoSegment. Invalid opcode: 0000 1 PREEMPT SMP KASAN PTI...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021626)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021626 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix crash when config small gsomaxsize/gsoipv4maxsize Config a small...

SUSE CVE-2026-43194

In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...

EUVD-2026-27755

In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...

CVE-2026-43194

In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...

CVE-2026-43194 net: consume xmit errors of GSO frames

In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...

CVE-2026-43194

In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...

CVE-2026-43194

CVE-2026-43194 affects the Linux kernel networking stack where an error in handling transmit (xmit) failures for GSO frames can cause a single lost segment within a GSO frame to be misinterpreted as a complete frame loss. The issue arises when devices (e.g., veth) report errors during xmit; TCP m...

SUSE CVE-2026-43057

In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...

PT-2026-37534

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel networking stack where the system incorrectly handles transmission xmit return codes for Generic Segmentation Offload GSO frames in environments witho...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: gso: fix udp gso fraglist segmentation after pull from fraglist Detect gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Valid...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a segmentation issue when upgrading gsosize. The skb was linearized during the upgrade of gsosize, as this might trigger a BUGON function later on, as described in 1,2...