Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ovpn: TCP – fix for extracting packets from the stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv, which may contain multiple coalesced packets. The current implementation has two...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...

CVE-2026-43098

Summary (concrete details from provided documents): CVE-2026-43098 affects the Linux kernel NFC subsystem, specifically the s3fwrn5 driver, where s3fwrn82_uart_read() may consume bytes into recv_skb and deliver a complete frame before a new receive buffer is allocated. If alloc_skb() fails, the c...

PT-2026-37408

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the NFC s3fwrn5 component where the s3fwrn82 uart read function reports accepted bytes to the serdev core. The system may deliver a complete frame before allocating a...

Linux Distros Unpatched Vulnerability : CVE-2026-43098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: qede: ensure that the skb is allocated before use. qedebuildskb assumes that buildskb always works and proceeds directly to skbreserve. However, buildskb may fail under memory pressure. This results in a kernel panic because the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mei: fixed potential NULLptr dereferencing issues. If SKB allocation fails, continue instead of using a NULL pointer. Coverity CID: 1497650...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fixed a possible NULL pointer dereferencing in sendacknowledge This issue involves handling memory allocation failures caused by nciskballoc, which calls allocskb. This fix prevents possible NULL pointer dereferences...

CVE-2026-31660

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: allocate rx skb before consuming bytes pn532receivebuf reports the number of accepted bytes to the serdev core. The current code consumes bytes into recvskb and may already hand a complete frame to pn533recvframe befo...

SUSE CVE-2026-31531

In the Linux kernel, the following vulnerability has been resolved: ipv4: nexthop: allocate skb dynamically in rtmgetnexthop When querying a nexthop object via RTMGETNEXTHOP, the kernel currently allocates a fixed-size skb using NLMSGGOODSIZE. While sufficient for single nexthops and small...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21936)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21936 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmtallocskb in...

SUSE CVE-2023-54265

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable access bug in ip6makeskb Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in archatomic64inc arch/x86/include/asm/atomic6464.h:88 inli...

CVE-2023-54265

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable access bug in ip6makeskb Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in archatomic64inc arch/x86/include/asm/atomic6464.h:88 inli...

SUSE CVE-2022-50709

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at ath9khtcrxmsg 1, for ioctlUSBRAWIOCTLEPWRITE can call ath9khifusbrxstream with pktlen = 0 but ath9khifusbrxstream uses devallocskbpktlen +...

CVE-2023-53752 net: deal with integer overflows in kmalloc_reserve()

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

PT-2026-2519

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a memory leak in the nr sendmsg function within the netrom networking protocol implementation. The issue occurred when the sock alloc send skb function returne...

SUSE CVE-2025-40053

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of netdevallocskbipalign. If the allocation failed, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch tries to...

AZL-68855 CVE-2025-40053 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of netdevallocskbipalign. If the allocation failed, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch tries to...

UBUNTU-CVE-2025-40053

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of netdevallocskbipalign. If the allocation failed, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch tries to...

CVE-2025-40053

The CVE-2025-40053 entry concerns the Linux kernel net driver for D-Link (net: dlink) where allocation failure of netdev_alloc_skb_ip_align() could cause a NULL pointer dereference when skb->protocol is dereferenced. The patch makes the code allocate skb and, if allocation fails, falls back to...