RHEL 9 : kernel (RHSA-2026:25028)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25028 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: openvswitch: Avoid...

SUSE CVE-2026-46273

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

CVE-2026-46273

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

CVE-2026-46273

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

CVE-2026-46273 ibmveth: Disable GSO for packets with small MSS

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

CVE-2026-46273

The CVE-2026-46273 entry describes a Linux kernel vulnerability in the ibmveth driver affecting Power systems: GSO offload fails when MSS < 224 bytes, potentially freezing the network adapter and causing DoS until a manual reset. The fix adds an ndo_features_check to disable GSO for MSS 1; si...

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

ALSA-2026:21557 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: j1939sessionnew: fix skb reference counting CVE-2024-56645 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: mm: thp: deny...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialize rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported a divide-by-zero issue in tcpselectWindow for MPTCP sockets. 0 We had a similar issue with bare TCP and fixed it in commit 499350a5a6...

SUSE CVE-2026-43190

In the Linux kernel, the following vulnerability has been resolved: netfilter: xttcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xttcpmss.c lines 53-68, the TCP option parser reads opi+1 directly without validating the remaining option length. If the last...

EUVD-2026-27750

In the Linux kernel, the following vulnerability has been resolved: netfilter: xttcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xttcpmss.c lines 53-68, the TCP option parser reads opi+1 directly without validating the remaining option length. If the last...

CVE-2026-43190

The CVE-2026-43190 issue affects the Linux kernel netfilter xt_tcpmss TCP option parser. The root cause is reading op[i+1] without validating the remaining option length, which can cause an out-of-bounds read when i+1 == optlen. This could access memory past the option boundary (stack buffer _opt...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: prevented mss overflow in skbsegment Once again, syzbot is able to cause the kernel to crash in skbSegment. “GSOBYFRAGS” is a forbidden value, but unfortunately, the following calculation in skbSegment can easily result in...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpbasemss. When reading sysctltcpbasemss, it can be changed concurrently. Therefore, we need to add READONCE to its readers...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013169 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011294)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011294 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013094 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

OESA-2026-1948 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...

OESA-2026-1947 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...