net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit

...

UBUNTU-CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

CVE-2024-26804 net: ip_tunnel: prevent perpetual headroom growth

In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in skbflowdissect+0x19d1/0x7a50 net/core/flowdissector.c:1170 Read of size 1 at addr ffff88812fb4000e by task...

CVE-2024-26804

CVE-2024-26804 concerns a Linux kernel vulnerability in the net/ip_tunnel subsystem where headroom could inflate without bound when gre/ipip tunnels route in a cycle. The root cause, as described in the vulnerability report, is that ip_tunnel_xmit can trigger an ever-increasing needed_headroom on...