Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6appenddata Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to sizet. UBSAN: signed-integer-overflow in net/ipv6/ip6output.c:1489:19...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003422)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003422 advisory. The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002858)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002858 advisory. The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur...

EUVD-2017-18179

Malware in sbrugna...

CVE-2022-49728 ipv6: Fix signed integer overflow in __ip6_append_data

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6appenddata Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to sizet. UBSAN: signed-integer-overflow in net/ipv6/ip6output.c:1489:19...

CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6appenddata Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to sizet. UBSAN: signed-integer-overflow in net/ipv6/ip6output.c:1489:19...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1764)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-26752

In the Linux kernel, the following vulnerability has been resolved: l2tp: pass correct message length to ip6appenddata l2tpip6sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied skbuff. To manage this, we check whether the...

CVE-2024-26752

CVE-2024-26752 affects the Linux kernel L2TP/IP6 path: a miscalculated ulen in l2tp_ip6_sendmsg (ulen = len + skb_queue_empty(...) ? transhdrlen : 0) due to operator precedence caused incorrect transport-header accounting, leading to corrupted packets on the wire. The fix adds parentheses to alig...

CVE-2024-26752 l2tp: pass correct message length to ip6_append_data

In the Linux kernel, the following vulnerability has been resolved: l2tp: pass correct message length to ip6appenddata l2tpip6sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied skbuff. To manage this, we check whether the...

Improper Input Validation

Linux kernel is vulnerable to improper input validation attacks. This occurs in the ip6appenddata function in net/ipv6/ip6output.c because it is too late in checking whether an overwrite of an skb data structure may occur. An attacker could cause an application crash resulting in denial of servic...

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2089-1)

This update for the Linux Kernel 3.12.74-606448 fixes several issues. The following security bugs were fixed : - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-9242: The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel is to...

CVE-2017-9242

The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...

CVE-2017-9242

The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...

CVE-2017-9242

CVE-2017-9242 affects the Linux kernel prior to a fix that corrects an out-of-order overwrite check in the IPv6 stack. The vulnerability stems from the __ip6_append_data function in net/ipv6/ip6_output.c, where the overwrite check is performed too late, allowing a local attacker to crash the syst...