net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()

...

EUVD-2026-24899

In the Linux kernel, the following vulnerability has been resolved: afkey: validate families in pfkeysendmigrate syzbot was able to trigger a crash in skbput 1 Issue is that pfkeysendmigrate does not check old/new families, and that setipsecrequest @family argument was truncated, thus possibly...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003917)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003917 advisory. An issue was discovered in cancangwrcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that ca...

kernel: vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

kernel: vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: The length of the packet header is validated before calling skbPut. When receiving a vsock packet in the guest, only the size of the virtqueue buffer is validated prior to calling virtiovsockskbrxPut. Unfortunately,...

kernel: vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

CVE-2023-53535 net: bcmgenet: Add a check for oversized packets

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid...

CVE-2025-39946

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...

CVE-2025-39946 tls: make sure to abort the stream if headers are bogus

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...

SUSE CVE-2025-39718

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

DEBIAN-CVE-2025-39718

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

AZL-66947 CVE-2025-39718 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

UBUNTU-CVE-2025-39718

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

CVE-2025-39718 vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unverified packet header length that could lead to an SKB overflow...

USN-7230-2 frr vulnerabilities

Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2024-44070 It was discovered that FRR re-validated all routes in...

CVE-2024-43844 wifi: rtw89: wow: fix GTK offload H2C skbuff issue

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: wow: fix GTK offload H2C skbuff issue We mistakenly put skb too large and that may exceed skb-end. Therefore, we fix it. skbuff: skboverpanic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780...

Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH) Exploit

Exploit Title: Easy Chat Server 3.1 - Remote Stack Buffer Overflow SEH Exploit Author: r00tpgp @ http://www.r00tpgp.com Usage: python easychat-exploit.py Spawns reverse meterpreter LHOST=192.168.0.162 LPORT=1990 CVE: CVE-2004-2466 Installer: http://www.echatserver.com/ Tested on: Microsoft Window...

The vulnerability of the skb_page_frag_refill parameter in the implementation of the Linux-based operating system kernel for IPSec protocols allows a attacker to cause a service failure.

The vulnerability of the “skbpagefragrefill” parameter in the implementation of the Linux-based operating system’s IPSec kernel protocol is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...