EUVD-2026-21957

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

DEBIAN-CVE-2025-21716

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlanvnifilterdump KMSAN reported an uninit-value access in vxlanvnifilterdump 1. If the length of the netlink message payload is less than sizeofstruct tunnelmsg, vxlanvnifilterdump accesses bytes beyo...

CVE-2025-21716 vxlan: Fix uninit-value in vxlan_vnifilter_dump()

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlanvnifilterdump KMSAN reported an uninit-value access in vxlanvnifilterdump 1. If the length of the netlink message payload is less than sizeofstruct tunnelmsg, vxlanvnifilterdump accesses bytes beyo...

MGASA-2021-0553 Updated opencontainers-runc packages fix security vulnerability

It was discovered that there was an overflow issue in runc, the runtime for the Open Container Project, often used with Docker. The Netlink 'bytemsg' length field could have allowed an attacker to override Netlink-based container configurations. This vulnerability required the attacker to have so...

Integer Overflow

github.com/opencontainers/runc is vulnerable to integer overflows. The vulnerability exists in containerlinux.go due to insecure handling of null bytes in mount sources which allows an attacker to bypass the namespace restrictions of the container by adding their ownNetlink payload which disables...