Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988891)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988891 advisory. In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986966 advisory. In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of...

CVE-2021-47309

A vulnerability was found in the Linux kernel's networking component, where the skbtunnelinfo function can return unvalidated data. This issue arises because the function does not check the type of lwtstate-data before using it, which could lead to accessing incompatible data types and cause memo...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

UBUNTU-CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309 net: validate lwtstate->data before returning from skb_tunnel_info()

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309 net: validate lwtstate->data before returning from skb_tunnel_info()

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309

CVE-2021-47309 affects the Linux kernel's net/tunnel code: skb_tunnel_info() may return a pointer to lwtstate->data without validating its type, risking out-of-bounds reads such as during VXLAN routing. Connected advisories (SUSE-SU-2024:2561-1 and related OSV/Nessus entries) confirm the fix i...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the skbtunnelinfo function not validating the pointer before returning it...

GSD-2021-1001439 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.277 by commit...

UVI-2021-1001439 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.277 by commit...

GSD-2021-1001407 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.241 by commit...

GSD-2021-1001371 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.199 by commit...

UVI-2021-1001320 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.135 by commit...

GSD-2021-1001258 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.53 by commit...

UVI-2021-1001258 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.53 by commit...