EUVD-2026-37938

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

AZL-64953 CVE-2025-38324 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcudereferencertnl in mplsrouteinputrcu. As syzbot reported 0, mplsrouteinputrcu can be called from mplsgetroute, where is under RTNL. net-mpls.platformlabel is only updated under RTNL. Let's use rcudereferencertnl in...