Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failures related to netdevallocskbip-align. If the allocation fails, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: octeonep: Added handling of SKB allocation failures in octepoqprocessrx. The buildskb function returns NULL in case of a memory allocation failure. Therefore, this behavior should be handled within octepoqprocessrx to avoid NULL...

DEBIAN-CVE-2023-53752

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

EUVD-2025-36475

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of netdevallocskbipalign. If the allocation failed, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch tries to...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDPPASS then we leak the memory allocated by am65cpswbuildskb. It is pointless to allocate SKB memory before running the XDP...

can: ctucanfd: handle skb allocation failure

...

DEBIAN-CVE-2025-21788

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDPPASS then we leak the memory allocated by am65cpswbuildskb. It is pointless to allocate SKB memory before running the XDP...

DEBIAN-CVE-2025-21774

In the Linux kernel, the following vulnerability has been resolved: can: rockchip: rkcanfdhandlerxfifooverflowint: bail out if skb cannot be allocated Fix NULL pointer check in rkcanfdhandlerxfifooverflowint to bail out if skb cannot be allocated...

DEBIAN-CVE-2025-21758

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mldnewpack mldnewpack can be called without RTNL or RCU being held. Note that we no longer can use sockallocsendskb because ipv6.igmpsk uses GFPKERNEL allocations which can sleep. Instead use...

UBUNTU-CVE-2025-21775

In the Linux kernel, the following vulnerability has been resolved: can: ctucanfd: handle skb allocation failure If skb allocation fails, the pointer to struct canframe is NULL. This is actually handled everywhere inside ctucanerrinterrupt except for the only place. Add the missed NULL check. Fou...

CVE-2025-21788 net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDPPASS then we leak the memory allocated by am65cpswbuildskb. It is pointless to allocate SKB memory before running the XDP...

CVE-2025-21774 can: rockchip: rkcanfd_handle_rx_fifo_overflow_int(): bail out if skb cannot be allocated

In the Linux kernel, the following vulnerability has been resolved: can: rockchip: rkcanfdhandlerxfifooverflowint: bail out if skb cannot be allocated Fix NULL pointer check in rkcanfdhandlerxfifooverflowint to bail out if skb cannot be allocated...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the rkcanfdhandlerxfifooverflowint function failing to properly handle a skb allocation failure, which could...

DEBIAN-CVE-2022-49417

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mei: fix potential NULL-ptr deref If SKB allocation fails, continue rather than using the NULL pointer. Coverity CID: 1497650...

SUSE CVE-2024-56639

In the Linux kernel, the following vulnerability has been resolved: net: hsr: must allocate more bytes for RedBox support Blamed commit forgot to change hsrinitskb to allocate larger skb for RedBox case. Indeed, sendhsrsupervisionframe will add two additional components struct hsrsuptlv and struc...

DEBIAN-CVE-2024-56639

In the Linux kernel, the following vulnerability has been resolved: net: hsr: must allocate more bytes for RedBox support Blamed commit forgot to change hsrinitskb to allocate larger skb for RedBox case. Indeed, sendhsrsupervisionframe will add two additional components struct hsrsuptlv and struc...

Linux Kernel - io_submit L2TP sendmsg Integer Overflow

/ Source: https://code.google.com/p/google-security-research/issues/detail?id=735 In certain kernel versions it is possible to use the AIO subsystem iosubmit syscall to pass size values larger than MAXRWCOUNT to the networking subsystem's sendmsg implementation. In the L2TP PPP sendmsg...