42 matches found
CVE-2026-46244
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...
CVE-2026-46244
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...
CVE-2026-46244
The CVE-2026-46244 issue is in Linux kernel netfilter nft_inner: during inner IPv6 processing, ipv6_find_hdr() computes the transport header offset but is overwritten with nhoff + 40 (IPv6 base header only), causing a desync between inner_thoff and l4proto. This enables transport header forgery a...
CVE-2026-46244
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...
EUVD-2026-34106
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...
CVE-2026-46244 netfilter: nft_inner: Fix IPv6 inner_thoff desync
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: iptunnel: ensure that the inner header is pulled in iptunnelrcv The same fixes were applied in the following issues: 8d975c15c0cd “ip6tunnel: ensure that the inner header is pulled in ip6tnlrcv” 1ca1ba465e55 “geneve: ensu...
SUSE CVE-2026-43057
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: ip6tunnel: Ensure that the inner header is pulled in ip6tnlrcv. syzbot found that ip6tnlrcv could access unitized data 1. Call pskbinetmaypull to fix this, and initialize the ipv6h variable after this call, as it can change...
CVE-2026-43057
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
CVE-2026-43057
CVE-2026-43057 concerns the Linux kernel networking stack. The issue arises in how IPv6 traffic with extension headers or with no inner IP protocol is processed when using IPV6_CSUM GSO fallback. The fix, described in the CVE entry and corroborated by Debian/Red Hat advisories, changes the fallba...
CVE-2026-43057 net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
EUVD-2026-26656
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
PT-2026-36474
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6 CSUM GSO fallback NETIF F IPV6 CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto softwar...
CVE-2026-31472
CVE-2026-31472 concerns the Linux kernel, specifically the xfrm/ IPTFS path. A crafted ESP packet with an inner IPv4 header can cause an infinite loop in __input_process_payload() if the inner header has tot_len=0 or malformed ihl. The fix adds validation to reject inner packets where tot_len <...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007567)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007567 advisory. In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: make sure to pull inner header in iptunnelrcv Apply the same fix than ones found i...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-392950)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-392950 advisory. In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: make sure to pull inner header in iptunnelrcv Apply the same fix than ones found i...
EUVD-2024-53286
Malicious code in bioql PyPI...
OESA-2025-1080 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A race condition was found in the Linux kernel's net/bluetooth in conn,advmin,maxintervalset function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. CVE-2024-24858 In t...
CVE-2024-56638
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh and perform three...