Linux Distros Unpatched Vulnerability : CVE-2026-43038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its ...

Linux Distros Unpatched Vulnerability : CVE-2024-26665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built...

CVE-2024-26665 tunnels: fix out of bounds access when building IPv6 PMTU error

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in docsum+0x220/0x240 Read of size 4 at addr...

CVE-2024-26665

CVE-2024-26665 (Linux kernel) fixes a out-of-bounds access when constructing IPv6 PMTU ICMP errors in tunnels, triggered if the ICMPv6 error is built from a non-linear skb. The root cause is a slab-out-of-bounds read/write in the path that sums skb data (read of size 4) during PMTU error handling...

Integer overflow

An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked with respec...