13 matches found
CVE-2026-53227
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible kfreeskb of ERRPTR After the patch in the "Fixes" tag, the allocation of the "reply" skb can happen either before or after locking the ovsmutex. However, error cleanups still follow the classical...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: afunix: Calling kfreeskb for dead unixsk-oobskb in GC. syzbot reported a warning in unixgc, which creates a socketpair and sends the fd of one socket to itself using the peer. socketpairAFUNIX, SOCKSTREAM, 0, 3, 4 = 0 sendmsg4,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005730)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005730 advisory. In the Linux kernel, the following vulnerability has been resolved: ntbnetdev: Use devkfreeskbany in interrupt context TX/RX callback handlers ntbnetdevtxhandler,...
CVE-2022-50832
CVE-2022-50832 is a Linux kernel issue affecting the wilc1000 WiFi driver, where wilc_mac_xmit() could return NETDEV_TX_OK without freeing the socket buffer (skb). The fix adds a dev_kfree_skb() to ensure the skb is freed. The description indicates this was a compile-tested fix. No exploit detail...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: Add rxskb of kfreeskb to rawtpnullargs. Yan Zhai reported a BPF prog could trigger a null-ptr-deref 0 in tracekfreeskb if the prog does not check if rxsk is NULL. Commit c53795d48ee8 "net: add rxsk to tracekfreeskb" added rx...
SUSE CVE-2023-53023
In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fix use-after-free in localcleanup Fix a use-after-free that occurs in kfreeskb called from localcleanup. This could happen when killing nfc daemon e.g. neard after detaching an nfc device. When detaching an nfc device,...
UBUNTU-CVE-2025-21852
In the Linux kernel, the following vulnerability has been resolved: net: Add rxskb of kfreeskb to rawtpnullargs. Yan Zhai reported a BPF prog could trigger a null-ptr-deref 0 in tracekfreeskb if the prog does not check if rxsk is NULL. Commit c53795d48ee8 "net: add rxsk to tracekfreeskb" added rx...
CVE-2022-49153
CVE-2022-49153 affects the Linux kernel via the wireguard path: when sending to a peer, skb memory is not freed if IPv6 is disabled, causing a memory leak. The root cause is missing kfree_skb() in the send6() handling within wg_socket_send_buffer_to_peer/..send_buffer_to_peer() and related code p...
DEBIAN-CVE-2024-53117
In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSGZEROCOPY error handling Add a missing kfreeskb to prevent memory leaks...
SUSE CVE-2022-48958
In the Linux kernel, the following vulnerability has been resolved: ethernet: aeroflex: fix potential skb leak in grethinitrings The grethinitrings function won't free the newly allocated skb when dmamappingerror returns error, so add devkfreeskb to fix it. Compile tested only...
PT-2023-33436 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.302 Description: The issue is related to a potential security vulnerability in the xen/netback component. It involves calling kfree skb with interrupts disabled, which may have security implications. The...
PT-2023-33361 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.4.168 through 5.4.226 Description: The issue is related to a problem in the xen/netback component where kfree skb is called with interrupts disabled. The actual impact and potential for attack have not been proven yet...
PT-2023-33128 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to a problem in the xen/netback component where kfree skb is called with interrupts disabled. The actual impact and potential for attack have not been proven yet...