Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: veth: Ensure that the eth header is in the linear part of the skb structure. After feeding a decapsulated packet to a veth device using actmirred, skbheadlen may be 0. However, vethxmit calls devforwardskb, which expects at...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ERSPAN: Ensure that erspanbasehdr is present in skb-head. SYZBOT reported a problem with ip6erspanrcv 1. The issue is that ip6erspanrcv and erspanrcv no longer ensures that erspanbasehdr is present in the linear part of skb-he...

SUSE CVE-2026-31684

In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013168)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013168 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an...

Azure Linux 3.0 Security Update: kernel (CVE-2024-40996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40996 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskbpullreason...

CVE-2023-53782

In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the first 8 bytes of th...

UBUNTU-CVE-2023-53782

In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the first 8 bytes of th...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ipvlan: Ensure that the network headers are in the skb linear part. syzbot found that ipvlanprocessv6outbound assumes that the IPv6 network header isis present in skb-head 1. Add the necessary pskbnetworkmaypull calls for both...

SUSE CVE-2022-49066

In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In the bpf code, the splat operation in skbpullreason can cause an issue. The syzkaller build with CONFIGDEBUGNET=y frequently triggers a debug hint in skbmaypull. We would like to keep this debug check because it might indicate...

SUSE CVE-2024-35888

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head syzbot reported a problem in ip6erspanrcv 1 Issue is that ip6erspanrcv and erspanrcv no longer make sure erspanbasehdr is present in skb linear part skb-head before getting...

DEBIAN-CVE-2024-35888

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head syzbot reported a problem in ip6erspanrcv 1 Issue is that ip6erspanrcv and erspanrcv no longer make sure erspanbasehdr is present in skb linear part skb-head before getting...

kernel: veth: Ensure eth header is in skb's linear part

In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...