65 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: xsk: Fixed a race condition in the AFXDP generic RX path. The rxlock function was moved from xsksocket to xskbuffpool. Synchronization issues were fixed for the shared umem mode in the generic RX path, where multiple sockets...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: ocb: skipping RXnosta when the interface is not joined The ieee80211ocbrxnosta function assumes a valid channel context, which is only present after the JOINOCB operation. RX operations may occur before JOINOCB is...
SUSE CVE-2026-46163
In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacyrx can exceed dev-maxnrkeys. The existing B43legacyWARNON is non-enforcing in production builds...
UBUNTU-CVE-2026-46163
In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacyrx can exceed dev-maxnrkeys. The existing B43legacyWARNON is non-enforcing in production builds...
PT-2026-44311
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A NULL pointer dereference occurs in the octeon ep vf driver. The function napi build skb can return NULL if an allocation failure occurs. In octep vf oq process rx, the result of this...
PT-2026-44286
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the b43legacy rx function within the b43legacy WiFi driver. The firmware-controlled key index can exceed the dev-max nr keys limit. Because the existing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock issues When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array...
SUSE CVE-2026-43102
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airohaqdmarxprocess If an error occurs on the subsequents buffers belonging to the non-linear part of the skb e.g. due to an error in the payload length reported by the NIC or if we consumed all th...
CVE-2026-43083
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...
CVE-2026-43083 net: ioam6: fix OOB and missing lock
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises when the ioam6 function sets trace-type.bit6. This can lead to out-of-bounds access on the RX...
EUVD-2026-25516
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
CVE-2026-31623
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010755)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010755 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool...
SUSE CVE-2026-23172
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb-frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xxdpmaifsetfragtoskb function adds page fragments to an skb without checking if the number of fragments has exceeded...
CVE-2025-71224 wifi: mac80211: ocb: skip rx_no_sta when interface is not joined
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rxnosta when interface is not joined ieee80211ocbrxnosta assumes a valid channel context, which is only present after JOINOCB. RX may run before JOINOCB is executed, in which case the OCB interface is no...
CVE-2026-23172
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb-frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xxdpmaifsetfragtoskb function adds page fragments to an skb without checking if the number of fragments has exceeded...
UBUNTU-CVE-2026-23172
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb-frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xxdpmaifsetfragtoskb function adds page fragments to an skb without checking if the number of fragments has exceeded...
CVE-2026-23172
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb-frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xxdpmaifsetfragtoskb function adds page fragments to an skb without checking if the number of fragments has exceeded...
CVE-2026-23172
Technical details for CVE-2026-23172 are not publicly available in the provided documents; monitor for updates.