CVE-2026-23003

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

CVE-2026-23003 ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv()

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

CVE-2026-23003

CVE-2026-23003 : In the Linux kernel’s IPv6 tunnel receive path (ip6_tunnel, __ip6_tnl_rcv), VLAN encapsulations were not handled correctly due to a failed VLAN-aware pull in the decapsulation path. The fix substitutes skb_vlan_inet_prepare() for pskb_inet_may_pull() to properly accommodate VLAN-...

PT-2026-4665

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained an issue within the ip6 tunnel component where the code did not properly handle VLAN encapsulations. Specifically, the commit responsible did not account for...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986410)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986410 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in...