net: fix crash when config small gso_max_size/gso_ipv4_max_size

...

BSOD, "BAD SYSTEM CONFIG INFO", When Creating a New Layer

When trying to create a new Windows 11 platform layer a BSOD loop occurs during the first boot of the packaging machine. Offload Composting was enabled. The below screens are seen...

SUSE CVE-2024-57933

In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...

SUSE CVE-2025-21629

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

CVE-2025-21629

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

CVE-2025-21629

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

DEBIAN-CVE-2025-21629

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

AZL-68552 CVE-2025-21629 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

UBUNTU-CVE-2025-21629

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

CVE-2025-21629

CVE-2025-21629: Linux kernel vulnerability where NETIF_F_IPV6_CSUM offload for BIG TCP/IPv6 packets with extension headers was disabled by a commit; this caused skb_warn_bad_offload to fire for large TCP packets. The issue is resolved by reverting the change and re-enabling IPv6 CSUM offload for ...

CVE-2025-21629 net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

CVE-2025-21629 net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets

In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIFFIPV6CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM, based on the definition of that feature in...

OpenVPN Data Channel Offload 代码问题漏洞

OpenVPN Data Channel Offload OpenVPN DCO is a cutting-edge Linux kernel module from OpenVPN designed to revolutionize the performance of VPN servers and clients. A code issue vulnerability exists in OpenVPN Data Channel Offload version 1.1.1. Exploitation of this vulnerability by an unprivileged...

SUSE CVE-2024-56656

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X P7 chip's HW GRO/LRO interface is very similar to that of the previous generation 5750X or P5. However, the aggregation ID fields in the completion structur...

OESA-2025-1029 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

SUSE CVE-2024-56649

In the Linux kernel, the following vulnerability has been resolved: net: enetc: Do not configure preemptible TCs if SIs do not support Both ENETC PF and VF drivers share enetcsetuptcmqprio to configure MQPRIO. And enetcsetuptcmqprio calls enetcchangepreemptibletcs to configure preemptible TCs...

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...