CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

CVE-2026-45940

In the Linux kernel, CVE-2026-45940 affects the stmmac driver (GMAC4) and is resolved by changing the descriptor handling: the PL bit-field in RDES3 is now applied to all descriptors, whether last or not. Previously, some descriptors could have buf2 not fully filled, causing incorrect length calc...

SUSE CVE-2026-31504

In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packetrelease via NETDEVUP race packetrelease has a race window where NETDEVUP can re-register a socket into a fanout group's arr array. The re-registration is not cleaned up by fanoutrelease, leaving a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010860)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010860 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the...

SUSE CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

Linux Distros Unpatched Vulnerability : CVE-2023-54240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ethernet: mtkethsoc: fix possible NULL pointer dereference in mtkhwlrogetfdirall rulelocs is allocated in ethtoolgetrxnfc and the size is determined by...

CVE-2025-40027

CVE-2025-40027 (Linux kernel) : The issue is in the 9P client where a race between p9_read_work (cleaning up pending requests) and p9_fd_cancelled (handling canceled requests) could lead to a double removal of req_list and related corruption. The fix in commit 74d6a5d56629 adjusts the cancellatio...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987343 advisory. In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fix use-after-free in localcleanup Fix a use-after-free that occurs in kfreeskb called...

CVE-2022-50253 bpf: make sure skb->len != 0 when redirecting to a tunneling device

In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb-len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb-len == 0 when we enter devqueuexmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbuff.h:2576 skbassertlen...

PT-2025-37633

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak was resolved in the wwan hwsim module within the Linux kernel. Specifically, a fault injection during module probing could lead to a memory leak in the wwan hwsim dev new...

CVE-2025-38719

The CVE-2025-38719 entry concerns the Linux kernelnet hibmcge: when the network port is down, a released queue can yield ring->len = 0, triggering a division by zero in hbg_get_queue_used_num() called from debugfs. The provided patch adds a guard: if ring->len is 0, hbg_get_queue_used_num()...

net: drop UFO packets in udp_rcv_segment()

...

Linux Distros Unpatched Vulnerability : CVE-2025-37961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipvs: fix uninit-value for saddr in dooutputroute4 syzbot reports for uninit-value for the saddr argument 1. commit 4754957f04f5 ipvs: do not use random local...

UBUNTU-CVE-2022-49865

In the Linux kernel, the following vulnerability has been resolved: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a struct ifaddrlblmsg to the network, ifalreserved remained uninitialized, resulting in a 1-byte infoleak: BUG: KMSAN: kernel-network-infoleak...

ndisc: extend RCU protection in ndisc_send_skb()

...

DEBIAN-CVE-2024-56718

In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed, which may result in crash. So it is need to hold a reference before shedule link down work...

kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs

In the Linux kernel, the following vulnerability has been resolved: net: core: reject skbcopyexpand for fraglist GSO skbs SKBGSOFRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to prevent a crash on a...

UBUNTU-CVE-2024-26754

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtpgenldumppdp The gtpnetops pernet operations structure for the subsystem must be registered before registering the generic netlink family. Syzkaller hit 'general protection fault in...

Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security

Apple has removed a controversial feature from its macOS operating system that allowed the company's own first-party apps to bypass content filters, VPNs, and third-party firewalls. Called "ContentFilterExclusionList," it included a list of as many as 50 Apple apps like iCloud, Maps, Music,...

Apple Mac OS X WiFi DoS

System kernel panicin network with disabled mcs...