54 matches found
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: A use-after-free issue was addressed in emacmactxbufsend. In emacmactxbufsend, it calls emactxfilltpd.., skb,... If an error occurs in emactxfilltpd, the skb will be freed via devkfreeskbskb in the error branch...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the BPF code, ensure that skb-len != 0 when redirecting a packet to a tunneling device. The syzkaller function managed to trigger another case where skb-len == 0 when entering devqueuexmit. WARNING: CPU: 0, PID: 2470; Location...
EUVD-2026-32767
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Avoid referencing uninitialized memory in ath9kwmictrlrx. For the same reasons described in commit b383e8abed41 “Wifi: ath9k – Avoid uninitialized memory reading in ath9khtcrxmsg”, ath9khtcrxmsg should validate the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: Fixed a bug related to access to the uninit variable in qrtrtxresume. Syzbot reported the following bugs: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0...
PT-2026-36448
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienet free tx chain sums the per-BD actual length from descriptor status into a caller-provided...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004950)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004950 advisory. In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptpxmit Commit aabc6596ffb3 net: ppp: Add bound checking for...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993193)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993193 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unverified SKB packet length that could result in references to uninitialized memory...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992678)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992678 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be...
Bluetooth: hci_event: validate skb length for unknown CC opcode
...
SUSE CVE-2025-40301
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: validate skb length for unknown CC opcode In hcicmdcompleteevt, if the command complete event has an unknown opcode, we assume the first byte of the remaining skb-data contains the return status. However,...
EUVD-2025-201644
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: validate skb length for unknown CC opcode In hcicmdcompleteevt, if the command complete event has an unknown opcode, we assume the first byte of the remaining skb-data contains the return status. However,...
CVE-2025-40301
CVE-2025-40301 affects the Linux kernel Bluetooth subsystem, specifically the HCI event handling path. The issue arises in hci_cmd_complete_evt() when an event has an unknown opcode: the code previously assumed skb->data[0] holds the return status, but parameter data may have already been pull...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unverified skb length that could lead to the use of uninitialized memory...
PT-2025-49433
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Bluetooth implementation within the hci cmd complete evt function. Specifically, the code does not validate the length of the socket buffer skb before...
kernel: net: usb: smsc75xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...
net: usb: lan78xx: Limit packet length to skb->len
...
EUVD-2023-60030
In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xpalloctxdescs fails, and it can only fail due to not having enough memory,...
kernel: net: usb: smsc75xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...