14 matches found
CVE-2026-46102
The CVE-2026-46102 issue affects the Linux kernel network stream parser (net: strparser). When the stream parser is aborted (e.g., after a message assembly timeout), the partially assembled message referenced by strp->skb_head is not released in strp_abort_strp(), causing a memory leak that co...
EUVD-2026-32485
In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skbhead leak in strpabortstrp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skbhead. That skb is not...
PT-2026-43970
In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skb head leak in strp abort strp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skb head. That skb is no...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix the issue of failing to release the skbuff in seg6inputcore. The seg6input function is responsible for adding the SRH into a packet, delegating this operation to seg6inputcore. This function uses skbcowhead to ensur...
CVE-2026-31675
In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...
SUSE CVE-2026-22988
In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...
CVE-2026-22988
In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...
CVE-2026-22988
CVE-2026-22988 affects the Linux kernel’s arp handling, specifically the assumption that skb->head remains unchanged after dev_hard_header() in arp_create(). The issue arises when a recent commit altered skb->head, breaking that assumption. The publicly provided description and OpenVAS/Ness...
CVE-2026-22988
In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...
CVE-2026-22988 arp: do not assume dev_hard_header() does not change skb->head
In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...
kernel: erspan: make sure erspan_base_hdr is present in skb->head
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head The Linux kernel CVE team has assigned CVE-2024-35888 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35888-1e04@gregkh/T...
kernel: erspan: make sure erspan_base_hdr is present in skb->head
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head The Linux kernel CVE team has assigned CVE-2024-35888 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35888-1e04@gregkh/T...
kernel: erspan: make sure erspan_base_hdr is present in skb->head
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head The Linux kernel CVE team has assigned CVE-2024-35888 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35888-1e04@gregkh/T...
SUSE CVE-2023-52701
In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...