16 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment, the skb destructor is removed before segmenting the skb, but the reference to the socket remains intact. This issue arises if the original skb becomes orphaned later, as ...
SUSE CVE-2026-23048
In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...
CVE-2026-23048
In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...
CVE-2026-23048 udp: call skb_orphan() before skb_attempt_defer_free()
In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...
EUVD-2026-5499
In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...
CVE-2026-23048
The CVE-2026-23048 entry describes a Linux kernel UDP path issue: the standard UDP receive path did not use skb->destructor, while the skmsg layer did via skb_set_owner_sk_safe() in udp_read_skb(), leading to a DEBUG_NET_WARN_ON_ONCE(skb->destructor) in skb_attempt_defer_free(). The documen...
PT-2026-6118
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the standard UDP receive path does not utilize skb-destructor, but the skmsg layer does through a call to skb set owner sk safe from udp read skb...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992375)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992375 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 skbuff...
kernel: skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
CVE-2023-53489
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
CVE-2023-53354 skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
kernel: net: gso: fix ownership in __udp_gso_segment
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
SUSE CVE-2025-21926
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
DEBIAN-CVE-2025-21926
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
UBUNTU-CVE-2025-21926
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
CVE-2024-26921
CVE-2024-26921 is a Linux kernel issue where in the tx path, skb fragments could trigger a use-after-free of the socket when fragments are reassembled and the skb->sk field is freed prematurely. The fix, analyzed by Eric Dumazet, moves orphaning to the last safe moment, delaying skb->sk des...