33 matches found
CVE-2026-53235
In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...
UBUNTU-CVE-2026-53235
In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...
EUVD-2026-39326
In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...
CVE-2026-53235
Summary of technical details (CVE-2026-53235) : The Linux kernel GRO receive path had a bug in skb_gro_receive_list() where skb_pull(skb, skb_gro_offset(skb)) could run without ensuring the data is linear (missing pskb_may_pull() guard). When packets arrive via napi_gro_frags(), skb_headlen can b...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: IB/core: A limit has been implemented on the size of the UMAD receive list. The current behavior of ibumad—which maintains received MAD packets in an unbounded list—poses a risk of uncontrolled growth. As user-space applications...
CLSA-2026-1778930898 kernel: Fix of CVE-2026-46300
ptrace: require CAPSYSPTRACE when task has no mm - net: udpoffload: propagate SKBFLSHAREDFRAG in skbgroreceivelist CVE-2026-46300...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42145)
IB/core: an unbounded UMAD receive list, poses a risk of uncontrolled growth. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504750;...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990496)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990496 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990286)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990286 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...
kernel: tls: fix handling of zero-length records on the rx_list
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986564)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986564 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...
kernel: tls: fix handling of zero-length records on the rx_list
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
SUSE CVE-2025-39682
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
tls: fix handling of zero-length records on the rx_list
...
CVE-2025-39682
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
SUSE CVE-2024-58239
In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...
CVE-2024-58239
In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...
CVE-2024-58239
CVE-2024-58239 affects the Linux kernel TLS receive path. If a non-DATA record remains on the rx_list and another record of the same type is still queued, records can merge, causing incorrect processing: the non-DATA record may be treated as DATA, leading to improper handling. The fix described i...
CVE-2024-58239
In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...
CVE-2024-58239 tls: stop recv() if initial process_rx_list gave us non-DATA
In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...