124 matches found
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fixed the use of racyskbqueueempty The receive queues are protected by their respective spin-locks, not the socket lock. This could lead to skbpeek returning NULL or a pointer to a socket buffer that has already been...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: phonet: fixed the rtmphonetnotify function’s skb allocation. The fillroute function stores three components in the skb: - struct rtmsg - RTADST u8 - RTAOIF u32 Therefore, rtmphonetnotify should use: NLMSGALIGNsizeofstruct rtmsg...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refusal to enable an unbound pipe The ioctl function implicitly assumed that the socket was already bound to a valid local socket name, i.e., a Phonet object. If the socket was not bound, two problems would occur: 1 W...
Astra Linux - уязвимость в linux, linux-5.10
The pepsockaccept function in the net/phonet/pep.c file in the Linux kernel, as of version 5.15.8, has a reference count leak...
net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()
...
SUSE CVE-2026-31616
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...
SUSE CVE-2026-31623
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
Linux Distros Unpatched Vulnerability : CVE-2026-31616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing ...
Linux Distros Unpatched Vulnerability : CVE-2026-31623
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array b...
CVE-2026-31623
A flaw was found in the Linux kernel's cdc-phonet driver. A malicious USB device, pretending to be a CDC Phonet modem, can exploit this vulnerability by sending an unlimited number of large data transfers. This can cause an overflow in the kernel's internal data buffer skbsharedinfo-frags array,...
CVE-2026-31616
A flaw was found in the Linux kernel's USB gadget Phonet function. A remote attacker, acting as a malicious USB host, could exploit this vulnerability by sending a continuous stream of full-page data transfers. This action causes an overflow in the kernel's internal data structures, leading to...
DEBIAN-CVE-2026-31623
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
CVE-2026-31623
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
DEBIAN-CVE-2026-31616
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...
CVE-2026-31623
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
CVE-2026-31623
The CVE-2026-31623 issue affects the Linux kernel net: usb: cdc-phonet driver. A malicious USB device claiming to be a CDC Phonet modem can overflow the skb_shared_info->frags[] array by sending an unbounded sequence of full-page bulk transfers in rx_complete(). The consequence described is a ...
EUVD-2026-25516
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
CVE-2026-31623 net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
CVE-2026-31623
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
EUVD-2026-25509
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...