10 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fragment transmission helper function failing to propagate the SKBFLSHAREDFRAG bit. This coul...
SUSE-SU-2026:21764-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
SUSE-SU-2026:1899-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...
CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
CVE-2025-40046 io_uring/zcrx: fix overshooting recv limit
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...
CVE-2023-53354 skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
Unbreakable Enterprise kernel security update
5.4.17-2136.336.5.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37138988 5.4.17-2136.336.5 - uek-rpm: Add skxedaccommon.ko to nanomodules Sherry Yang Orabug: 37030127 - EDAC, i10nm: make skxcommon.o a separate module Arnd Bergmann Orabug: 37030127 - uek-rpm:...
CVE-2021-47162
In the Linux kernel, the following vulnerability has been resolved: tipc: skblinearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's fraglist if the fraglist already has skbs from elsewhere, such as this skb was created by pskbcopy where the fraglist w...
CVE-2023-52580
In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETHP1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, nhoff value calculation is wrong. For example: hdr-messagelength takes t...
CVE-2023-52580 net/core: Fix ETH_P_1588 flow dissector
In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETHP1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, nhoff value calculation is wrong. For example: hdr-messagelength takes t...