3 matches found
CVE-2026-10638 Use-after-free in Zephyr ICMPv6 RX path when updating statistics after sending an echo reply or error
subsys/net/ip/icmpv6.c reads the network interface from a netpkt after that packet has been handed to nettrysenddata. In icmpv6handleechorequest and neticmpv6senderror, the post-send statistics update calls netpktifacereply/netpktifacepkt on the just-sent packet. The send path nettrysenddata -...
CVE-2026-10638
The CVE describes a use-after-free in Zephyr’s ICMPv6 RX path: after sending an ICMPv6 Echo Request or an error, post-send statistics update references net_pkt_iface(reply/pkt) on a packet that may already be freed by net_try_send_data (or by the driver/L2). If CONFIG_NET_TC_TX_COUNT is 0 or the ...
SUSE-RU-2022:1384-1 Recommended update for Salt
This update fixes the following issues: salt: - Clear network interfaces cache on grains request bsc1196050 - Handle old qemu-img not supporting -U parameter bsc1195221 - Restrict 'state.orchestratesingle' to pass a pillar value if it exists bsc1194632 - Fix sparse disk errors on Python 2 virt...