CVE-2026-46123

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against the buffer we posted to the device. The RX skb is allocated in...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: htchst: In the ath9khtcrxmsg function, if there is no callback function, the provided skb is not freed. It is stated that ath9khtcrxmsg either frees the provided skb or passes its management to another callback...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fix for invalid access to memory In ath12kdprxmsducoalesce, rxcb is fetched from skb, and the boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the value of rxcb-iscontinuation is accessed...

CVE-2026-43457

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...

CVE-2026-43457

CVE-2026-43457 affects the Linux kernel MCTP over I2C receive path. When midev->allow_rx is false, a newly allocated skb is not consumed by netif_rx() and must be freed directly, otherwise a memory leak can occur leading to potential DoS through memory exhaustion. The available connected sourc...

CVE-2026-43457

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...

PT-2026-39034

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel within the NCSI RX and AEN handlers. Specifically, the ncsi aen handler function returns on invalid AEN packets without consuming the socket buff...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: udp: Fixed multiple wraparounds of sk-skrmemalloc. udpenqueuescheduleskb has the following condition: if atomicread&sk-skrmemalloc sk-skrcvbuf goto drop; sk-skrcvbuf is initialized by net.core.rmemdefault and can later be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: txbufffreemapconsumerindex-skb = newskb; freemapconsumerindex = IBMVNICINVALIDMAP; consumerindex ++; Whe...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006628 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and on...

SUSE CVE-2026-23339

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...

CVE-2026-23339

CVE-2026-23339 is resolved in the Linux kernel through fixes around NFC/NCI skb handling (nci_transceive error paths releasing skb) as cited by multiple OSV entries and kernel patches. Connected advisories show Root: Debian/Ubuntu/Mageia patches for rootio-linux, with multiple fixed versions (e.g...

CVE-2026-23339 nfc: nci: free skb on nci_transceive early error paths

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...

CVE-2026-23095

In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. 0 The repro generated a GUE packet with its inner protocol 0. gueudprecv returns -guehdr-protoctype for "resubmit" in ipprotocoldeliverrcu, but thi...

UBUNTU-CVE-2026-23095

In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. 0 The repro generated a GUE packet with its inner protocol 0. gueudprecv returns -guehdr-protoctype for "resubmit" in ipprotocoldeliverrcu, but thi...

EUVD-2026-5447

In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. 0 The repro generated a GUE packet with its inner protocol 0. gueudprecv returns -guehdr-protoctype for "resubmit" in ipprotocoldeliverrcu, but thi...

CVE-2026-23095

CVE-2026-23095 affects the Linux kernel Gue (GUE) path. It describes a skb memory leak when inner IP protocol is 0, triggered by a GUE repro. The issue arises because gue_udp_recv() may propagate a zero protocol, causing a memory leak; the fix drops such packets. The description notes that 0 is a...

CVE-2026-23095 gue: Fix skb memleak with inner IP protocol 0.

In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. 0 The repro generated a GUE packet with its inner protocol 0. gueudprecv returns -guehdr-protoctype for "resubmit" in ipprotocoldeliverrcu, but thi...

Linux Distros Unpatched Vulnerability : CVE-2026-23095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. 0 The repro generated a GUE packet with its inner protocol 0. gueudprecv retur...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992438)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992438 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: clean up skbs if ath9khifusbrxstream fails Syzkaller detected a memory leak ...