CVE-2023-53125 net: usb: smsc75xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...

CVE-2023-53068 net: usb: lan78xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...

CVE-2023-53068

CVE-2023-53068 is reported in the Linux kernel under net: usb: lan78xx: Limit packet length to skb->len. The vulnerability arises when the packet length read from the descriptor may exceed skb->len, causing a cloned skb passed up the network stack to leak kernel memory contents. A fix was a...

CVE-2020-36789

In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls cangetechoskb during a hardware IRQ which is often, but not always, the case, the 'WARNONinirq' in net/core/skbuff.cskbreleaseheadstate might...

CVE-2020-36789 can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context

In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls cangetechoskb during a hardware IRQ which is often, but not always, the case, the 'WARNONinirq' in net/core/skbuff.cskbreleaseheadstate might...

SUSE-SU-2025:20189-1 Security update for kernel-livepatch-MICRO-6-0_Update_3

This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: - CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 - CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452 - CVE-2024-50302: Fixed HID: core: zero-initialize th...

PT-2025-17216 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the CAN network stack. The issue occurs when a driver calls can get echo skb during a hardware IRQ, potentially...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization CVE-2024-58092 In the Linux kernel, the following vulnerability has been resolved: keys: Fix UAF in keyput CVE-2025-21893 In the Linux kernel, the following...

Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability

Talos Vulnerability Report TALOS-2024-2098 Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability April 14, 2025 CVE Number CVE-2025-2260,None SUMMARY A denial of service vulnerability exists in the NetX HTTP server functionality of Eclipse ThreadX NetX Duo git commit 6c8e9d1. A...

CVE-2024-45544

CVE-2024-45544 is a memory corruption issue in Qualcomm hardware triggered by IOCTL processing for adding a route entry. Documented as affecting Qualcomm kernel components; vector is Local with Low privileges required, no user interaction. Impact is Confidentiality: Low, Integrity: High, Availabi...

CVE-2024-45544 Use After Free in Data Network Stack & Connectivity

Memory corruption while processing IOCTL calls to add route entry in the HW...

CVE-2024-45544 Use After Free in Data Network Stack & Connectivity

Memory corruption while processing IOCTL calls to add route entry in the HW...

CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

CVE-2023-52991

In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skbsegmentlist Commit 3a1296a38d0c "net: Support GRO/GSO fraglist chaining." introduced UDP listifyed GRO. The segmentation relies on fraglist being untouched when passing through the network stack. This...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the network subsystem not properly tracking kernel socket lifecycles, which could lead to reference counting...

net: fec: handle page_pool_dev_alloc_pages error

...

net: inet6: do not leave a dangling sk pointer in inet6_create()

...

Linux Distros Unpatched Vulnerability : CVE-2022-28199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA's distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly,...

SUSE CVE-2022-49662

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix lockdep splat in in6dumpaddrs As reported by syzbot, we should not use rcudereference when rcureadlock is not held. WARNING: suspicious RCU usage 5.19.0-rc2-syzkaller 0 Not tainted net/ipv6/addrconf.c:5175 suspicious...

CVE-2022-49051

CVE-2022-49051 concerns the Linux kernel USB driver net: usb: aqc111, specifically the aqc111_rx_fixup() function. The advisory states multiple out-of-bounds accesses that a malicious or defective USB device can trigger, including OOB reads in the metadata array (desc_offset..desc_offset+2*pkt_co...