39 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53363
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propaga...
CVE-2026-53363
A flaw was found in the Linux kernel's iptfs component, part of the IPSec framework. The iptfsconsumefrags function does not correctly propagate a flag indicating shared fragments. This can cause the Encapsulating Security Payload ESP to make incorrect security decisions regarding in-place...
CVE-2026-53363
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...
UBUNTU-CVE-2026-53363
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...
CVE-2026-53363
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...
EUVD-2026-42870
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...
CVE-2026-53363 xfrm: iptfs: preserve shared-frag marker in iptfs_consume_frags()
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...
CVE-2026-53363
CVE-2026-53363 affects the Linux kernel’s xfrm/iptfs path. The vulnerability arises because iptfs_consume_frags() fails to propagate the SKBFL_SHARED_FRAG flag when transferring paged fragments, mirroring the issue fixed in skb_try_coalesce() for CVE-2026-46300. The documented remediation is to a...
Linux Distros Unpatched Vulnerability : CVE-2026-53197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leadin...
Linux Distros Unpatched Vulnerability : CVE-2026-53240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial...
CVE-2026-53197
A flaw was found in the iptfs module of the Linux kernel. This issue, an ABBA deadlock, occurs when iptfsdestroystate attempts to cancel a timer while holding a spinlock that the timer's callback also tries to acquire. This circular dependency can cause the system to become unresponsive, leading ...
CVE-2026-53240
A flaw was found in the Linux kernel's xfrm: iptfs component. A race condition during partial packet reassembly in the inputprocesspayload function can lead to a use-after-free vulnerability. This occurs when a concurrent process frees a packet buffer skb before it is checked, allowing subsequent...
CVE-2026-53240
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...
CVE-2026-53197
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...
UBUNTU-CVE-2026-53240
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...
UBUNTU-CVE-2026-53197
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...
CVE-2026-53240
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...
EUVD-2026-39191
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...
CVE-2026-53240 xfrm: iptfs: fix use-after-free on first_skb in __input_process_payload
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...
CVE-2026-53240
CVE-2026-53240 concerns a use-after-free in the Linux kernel xfrm: iptfs partial reassembly logic (__input_process_payload). The bug occurs when first_skb is saved to xtfs->ra_newskb under drop_lock and a concurrent path may complete reassembly, NULL the ra_newskb, and free the skb before the ...