SUSE CVE-2023-53109

In the Linux kernel, the following vulnerability has been resolved: net: tunnels: annotate lockless accesses to dev-neededheadroom IP tunnels can apparently update dev-neededheadroom in their xmit path. This patch takes care of three tunnels xmit, and also the core LLRESERVEDSPACE and...

CVE-2022-48936

CVE-2022-48936 is rejected by the CVE Assignment Authority and is not a valid active vulnerability entry.

CVE-2024-35941

REJECTED CVE A use-after-free vulnerability was identified in the Linux kernel's net subsystem, specifically in skbuff handling. The issue arises from an overflow of the skb-networkheader a u16 value, causing skbnetworkoffsetskb to return a negative value. This results in the skbpull function...

CVE-2024-26804 net: ip_tunnel: prevent perpetual headroom growth

In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in skbflowdissect+0x19d1/0x7a50 net/core/flowdissector.c:1170 Read of size 1 at addr ffff88812fb4000e by task...

CVE-2024-26804

CVE-2024-26804 concerns a Linux kernel vulnerability in the net/ip_tunnel subsystem where headroom could inflate without bound when gre/ipip tunnels route in a cycle. The root cause, as described in the vulnerability report, is that ip_tunnel_xmit can trigger an ever-increasing needed_headroom on...