591 matches found
net: clear the dst when changing skb protocol
...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
UBUNTU-CVE-2025-38490
In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate pagepoolputfullpage pagepoolputfullpage should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to refresh the queue when reading sockets by TLS, which could lead to the use of a freed skb...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
In FRRouting (FRR) all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size
...
net: ppp: Add bound checking for skb data on ppp_sync_txmung
...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
DEBIAN-CVE-2025-38185
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...
CVE-2025-38192
In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address: 0000000000000000...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an invalid length skb not being freed, which could lead to a memory leak...
DEBIAN-CVE-2025-38124
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...
kernel: ndisc: use RCU protection in ndisc_alloc_skb()
A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...
kernel: ndisc: use RCU protection in ndisc_alloc_skb()
A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...
DEBIAN-CVE-2022-50073
In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in devparseheaderprotocol when skb-dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tapgetuser calls virtionethdrtoskb the skb-dev is null in tap.c skb-dev is set aft...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the espintcp driver not releasing the skb in the wrong path...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: can: rockchip: rkcanfdhandlerxfifooverflowint: bail out if skb cannot be allocated Fix NULL pointer check in rkcanfdhandlerxfifooverflowint to bail out if skb cannot be allocated...
kernel: ndisc: use RCU protection in ndisc_alloc_skb()
A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...
DEBIAN-CVE-2025-37992
In the Linux kernel, the following vulnerability has been resolved: netsched: Flush gsoskb list too during -change Previously, when reducing a qdisc's limit via the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb list. This could result in NULL...
SUSE CVE-2025-37909
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the skb to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor preven...