kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...

Linux Distros Unpatched Vulnerability : CVE-2026-43037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 recei...

CVE-2026-43037

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...

PT-2026-36454

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the ip4ip6 err function where it calls icmp send using a cloned socket buffer skb containing cb data written as struct inet6 skb parm. The icmp send function passes...

Linux Distros Unpatched Vulnerability : CVE-2026-31472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloa...

CVE-2024-49948

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...

AZL-51228 CVE-2024-50033 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

UBUNTU-CVE-2024-50033

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

SUSE CVE-2024-44999

In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...

DEBIAN-CVE-2024-44999

In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...

CVE-2024-36927

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...

AZL-56207 CVE-2024-36927 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...

暴风影音3.7.11.13 远程拒绝服务漏洞

No description provided by source. ifndef WIN32LEANANDMEAN define WIN32LEANANDMEAN endif include winsock2.h include ws2tcpip.h include stdio.h pragma commentlib, "ws232" // Set the packing to a 1 byte boundary include pshpack1.h // // Define the IPv4 header. Make the version and length field one...