304 matches found
CVE-2026-31684
In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...
CVE-2026-31684
In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...
kernel: net/sched: cls_u32: use skb_header_pointer_careful()
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
kernel: net/sched: cls_u32: use skb_header_pointer_careful()
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
kernel: net/sched: cls_u32: use skb_header_pointer_careful()
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: net/sched: cls_u32: use skb_header_pointer_careful()
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
kernel: net/sched: cls_u32: use skb_header_pointer_careful()
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
net/sched: cls_flow: fix NULL pointer dereference on shared blocks
...
net/sched: sch_hfsc: fix divide-by-zero in rtsc_min()
...
SUSE SLES12 Security Update : kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:1293-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1293-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: -...
SUSE SLES15 Security Update : kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1278-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1278-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: -...
Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zer...
SUSE-SU-2026:1298-1 Security update for the Linux Kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.272 fixes various security issues The following security issues were fixed: - CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. - CVE-2025-39973: i40e: add validation for ringlen param...
CVE-2026-31422
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...
CVE-2026-31421 net/sched: cls_fw: fix NULL pointer dereference on shared blocks
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL pointer dereference on shared blocks The old-method path in fwclassify calls tcfblockq and dereferences q-handle. Shared blocks leave block-q NULL, causing a NULL deref when an empty clsfw filter is...
SUSE-SU-2026:21102-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2025-40159: xsk: Harden userspace-supplied xdpdesc validation bsc1253404. - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken...
SUSE-SU-2026:21100-1 Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf bsc1256780. - CVE-2026-22999: net/sched: schqfq: do not fre...
CVE-2026-31422
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...