116 matches found
SUSE CVE-2022-50365
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...
UBUNTU-CVE-2022-50365
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...
CVE-2023-53354 skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
CVE-2022-50365 skbuff: Account for tail adjustment during pull operations
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...
CVE-2022-50365
CVE-2022-50365 pertains to the Linux kernel's skb tail handling during pull operations. The issue can arise when a program uses helpers like BPF_FUNC_skb_pull_data to read content beyond the skb headlen if all fragments are linear, potentially triggering a kernel BUG in net/core/skbuff.c:4219. Th...
CVE-2022-50365 skbuff: Account for tail adjustment during pull operations
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...
PT-2025-38175
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to skbuff socket buffer handling during pull operations. Extending the tail of a skbuff can lead to unexpected behavior when using helpers lik...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mishandling of the skbuff tail adjustment, which could cause the kernel to crash...
SUSE CVE-2023-53186
In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...
CVE-2023-53186
In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...
UBUNTU-CVE-2023-53186
In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...
CVE-2023-53186
CVE-2023-53186 affects the Linux kernel’s skb handling: a race between coalescing and releasing SKBs can occur when merging fragments across page_pool and non-page_pool pages. The root cause is that skb_cloned(from) must remain true until coalescing finishes; if the other cloned SKB is released m...
Linux Distros Unpatched Vulnerability : CVE-2020-0430
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In skbheadlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with...
AZL-64749 CVE-2025-38185 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...
SUSE CVE-2022-49093
In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool with page fragments. We encountered this problem during normal RX in the hns3 driver: 1 Initially we have three descriptors in the RX...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect assumption that the transport header is always set, which triggers a warning in skbuff.h when i...
UBUNTU-CVE-2024-57802
In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. ===================================================== BUG: KMSAN:...
CVE-2024-56638
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh and perform three...
CVE-2024-56638 netfilter: nft_inner: incorrect percpu area handling under softirq
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh and perform three...
CVE-2024-50251 netfilter: nft_payload: sanitize offset and length before calling skb_checksum()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftpayload: sanitize offset and length before calling skbchecksum If access to offset + length is larger than the skbuff length, then skbchecksum triggers BUGON. skbchecksum internally subtracts the length parameter...