Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: A memory leak was fixed when changing the remote IPv6 address. The device stores IPv6 addresses that are used for encapsulation in linear memory, which is managed by the driver. Changing the remote address of...

CVE-2025-71098

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

CVE-2025-71098

The CVE CVE-2025-71098 affects the Linux kernel’s IP6_GRE path. Syzbot crashes were caused by ip6gre_header() relying on dynamic dev->needed_headroom/dev->hard_header_len, enabling skb underflow when an skb with insufficient headroom was used (e.g., during mld_sendpack/mld_finish_output pat...

CVE-2025-71098 ip6_gre: make ip6gre_header() robust

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

CVE-2025-71098 ip6_gre: make ip6gre_header() robust

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

PT-2026-2619

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the ip6gre header function that could lead to kernel crashes. The issue stemmed from the ability of team or bonding drivers to dynamically alter...

K000150813: Linux kernel vulnerability CVE-2024-50252

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the...

AZL-53340 CVE-2024-50252 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the remote address of an ip6gre net...

CVE-2024-50252

CVE-2024-50252 describes a memory leak in the Linux kernel mlxsw spectrum_ipip implementation when changing the remote IPv6 address of an ip6gre net device. The root cause is that the driver failed to add the new address to its hash table and did not remove the old one, leading to leaks and a war...