CVE-2022-50706 net/ieee802154: don't warn zero-sized raw_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...

CVE-2024-49949 net: avoid potential underflow in qdisc_pkt_len_init() with UFO

In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...

CVE-2024-49948 net: add more sanity checks to qdisc_pkt_len_init()

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...

UBUNTU-CVE-2022-36946

nfqnlmangle in net/netfilter/nfnetlinkqueue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service panic because, in the case of an nfqueue verdict with a one-byte nftapayload attribute, an skbpull can encounter a negative skb-len...