CVE-2026-53253

The CVE-2026-53253 entry concerns the Linux kernel Bluetooth BNEP path. A short BNEP SDU could be processed without validating required bytes in bnep_rx_frame and bnep_rx_control, leading to a potential access of unverified data (KASAN). The fix adds proper length validation by using skb_pull_dat...

EUVD-2026-39204

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

CVE-2026-46321

A flaw was found in the Linux kernel. A local attacker with access to the tun/tap device can exploit this vulnerability. By sending network frames shorter than the expected header length, the system fails to free allocated memory pages, leading to memory leaks. This can exhaust system memory,...

EUVD-2026-35411

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tunxdpone function not releasing the page allocated by vhostnetbuildxdp when short frames are...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tapgetuserxdp function failing when short frames are rejected or the buildskb function fails,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: dropping short frames Technically, some control frames, such as ACK frames, are shorter and end after “Address 1”. Such frames should not be forwarded through wmediumd or similar user-space mechanisms...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005664 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: drop short frames While technically some control frames like ACK are shorter...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005456 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: drop short frames While technically some control frames like ACK are shorter...

SUSE SLES12 Security Update : kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:0521-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0521-1 advisory. This update for the SUSE Linux Enterprise kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: -...

SUSE-SU-2026:0521-1 Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: - CVE-2023-53321: wifi: mac80211hwsim: drop short frames bsc1250314. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and...

CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

OESA-2025-2769 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded...

Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode

...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990349)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990349 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validi...

CVE-2025-12464 Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode

A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This...

CVE-2025-12464 Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode

A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This...

CVE-2025-12464

CVE-2025-12464 affects the QEMU e1000 network device. The root cause is a stack-based buffer overflow in the e1000_receive_iov path when processing short frames in loopback mode after padding logic was moved to net core. This can crash the QEMU host process (DoS). Public docs show fixes via SUSE/...

CVE-2025-12464

A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This...

SUSE-SU-2025:3716-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortname...