CVE-2026-46120

A flaw was found in the Linux kernel's ip6gre module. An unprivileged user could exploit this vulnerability by migrating a network device, causing the ip6erspanchangelink function to incorrectly handle network namespace references. This error leads to a use-after-free condition when the original...

CVE-2026-46120 ip6_gre: Use cached t->net in ip6erspan_changelink().

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013197 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002922)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002922 advisory. The ip6greerr function in net/ipv6/ip6gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002757)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002757 advisory. The ip6greerr function in net/ipv6/ip6gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet,...

kernel: ipv6: ensure sane device mtu in tunnels

A flaw was found in the Linux kernel’s IPv6 networking code affecting the handling of IPv6 GRE tunnels. Under certain conditions, an IPv6 tunnel configuration could result in an invalid MTU Maximum Transmission Unit value being written to a network device without sanitization. Because the MTU val...

kernel: erspan: do not use skb_mac_header() in ndo_start_xmit()

In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb == skb-data in their ndostartxmit. Use skbnetworkoffset and skbtransportoffset which better describe what is needed in erspanfbxmit and...

kernel: ipv6: ensure sane device mtu in tunnels

A flaw was found in the Linux kernel’s IPv6 networking code affecting the handling of IPv6 GRE tunnels. Under certain conditions, an IPv6 tunnel configuration could result in an invalid MTU Maximum Transmission Unit value being written to a network device without sanitization. Because the MTU val...

UBUNTU-CVE-2017-5897

The ip6greerr function in net/ipv6/ip6gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access...