Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: NSh: The skb-protocol,data,macheader field for the outer header in nshgsosegment was restored. syzbot triggered various errors by sending a crafted GSO packet using the protocol VIRTIONETHDRGSOUDP, which includes the following...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: removed the never-working support for setting nsh fields The validation of the setnsh... action is completely incorrect. It uses the nshkeyputfromnlattr function, which is the same function used to validate N...

net: openvswitch: fix middle attribute validation in push_nsh() action

...

CVE-2025-68785

A slab-out-of-bounds read vulnerability was found in the Linux kernel's Open vSwitch OVS module. The pushnsh action does not validate the middle nested attribute OVSKEYATTRNSH between the outer action and inner key attributes. When the middle attribute has an incorrect size, the nladata unwrap...

CVE-2025-68785

CVE-2025-68785 concerns a Linux kernel openvswitch vulnerability in the push_nsh() action. The root cause is missing validation of the middle NSH attribute (not guaranteed to be OVS_KEY_ATTR_NSH) inside the action nesting, allowing unsafe access during validation and nested nla processing. The ci...

net: openvswitch: remove never-working support for setting nsh fields

...

CVE-2025-40254

CVE-2025-40254 targets the Linux kernel openvswitch nsh field handling. The issue stems from incorrect validation of set(nsh(...)) due to a mismatched memory layout and confusing mask vs value flags, which can cause kernel NULL pointer dereferences or crashes during validation. The advisory notes...

EUVD-2025-201203

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

kernel: Linux kernel: Denial of Service due to incorrect network packet processing in NSH module

A flaw was found in the Linux kernel, specifically within its Network Service Header NSH module. A local attacker could exploit this vulnerability by sending specially crafted network packets, which would cause the system to crash. This issue, a type of Denial of Service DoS, arises from an...

kernel: Linux kernel: Denial of Service due to incorrect network packet processing in NSH module

A flaw was found in the Linux kernel, specifically within its Network Service Header NSH module. A local attacker could exploit this vulnerability by sending specially crafted network packets, which would cause the system to crash. This issue, a type of Denial of Service DoS, arises from an...

kernel: Linux kernel: Denial of Service due to incorrect network packet processing in NSH module

A flaw was found in the Linux kernel, specifically within its Network Service Header NSH module. A local attacker could exploit this vulnerability by sending specially crafted network packets, which would cause the system to crash. This issue, a type of Denial of Service DoS, arises from an...

kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().

In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...

SUSE CVE-2024-36933

In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...

DEBIAN-CVE-2024-36933

In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...

UBUNTU-CVE-2017-5342

In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...