591 matches found
kernel: skbuff: Fix a race between coalescing and releasing SKBs
In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...
SUSE CVE-2023-53685
In the Linux kernel, the following vulnerability has been resolved: tun: Fix memory leak for detached NAPI queue. syzkaller reported 0 memory leaks of sk and skb related to the TUN device with no repro, but we can reproduce it easily with: struct ifreq ifr = int fdtun, fdtmp; char buf4 = ; fdtun ...
CVE-2023-53660 bpf, cpumap: Handle skb as well when clean up ptr_ring
In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptrring The following warning was reported when running xdpredirectcpu with both skb-mode and stress-mode enabled: ------------ cut here ------------ Incorrect XDP memory type...
EUVD-2025-32742
In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptrring The following warning was reported when running xdpredirectcpu with both skb-mode and stress-mode enabled: ------------ cut here ------------ Incorrect XDP memory type...
CVE-2023-53660
In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptrring The following warning was reported when running xdpredirectcpu with both skb-mode and stress-mode enabled: ------------ cut here ------------ Incorrect XDP memory type...
EUVD-2006-2447
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987094)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987094 advisory. In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Make sure to free skb when it is completely used With the skb pointer piggy-backed ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986885)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986885 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix a memleak when uncloning an skb dst and its metadata When uncloning an skb dst and its...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414393)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414393 advisory. A flaw was found in the Linux kernels networking code. A use-after-free was found in the way the schsfb enqueue function used the socket buffer SKB cb field after th...
CVE-2023-53559
In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...
UBUNTU-CVE-2023-53559
In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...
CVE-2023-53601 bonding: do not assume skb mac_header is set
In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb macheader is set Drivers must not assume in their ndostartxmit that skbs have their macheader set. skb-data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...
CVE-2023-53578 net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtrtxresume Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0 net/qrtr/afqrtr.c:230...
CVE-2023-53559 ip_vti: fix potential slab-use-after-free in decode_session6
In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...
CVE-2022-50476
The CVE-2022-50476 issue concerns ntb_netdev in the Linux kernel where TX/RX callback handlers can run in interrupt context via the DMA framework. The root cause was calling the interrupt-unsafe dev_kfree_skb() from ntb_netdev_tx_handler() and ntb_netdev_rx_handler(); the fix uses the interrupt-c...
EUVD-2025-32391
In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...
CVE-2025-39946 tls: make sure to abort the stream if headers are bogus
In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not verifying that skb is null, which could lead to a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not setting the cb field of the skb to 0 before sending a packet, which could lead to reuse after release...
EUVD-2023-59790
Malicious code in bioql PyPI...