CVE-2025-39984

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

CVE-2025-39988

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the...

UBUNTU-CVE-2025-39986

In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...

CVE-2025-39988 can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the...

CVE-2025-39987 can: hi311x: populate ndo_change_mtu() to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...

CVE-2025-39986

CVE-2025-39986 affects the Linux kernel sun4i_can CAN driver. Root cause: sun4i_can did not populate net_device_ops->ndo_change_mtu(), allowing an attacker to set an invalid MTU (e.g., 9999) via ip link and then use PF_PACKET with ETH_P_CANXL to inject frames. The PF_PACKET path only checks sk...

CVE-2025-39985

In CVE-2025-39985, the Linux kernel’s mcba_usb CAN driver could bypass MTU enforcement via PF_PACKET, allowing a malformed CAN XL frame to reach xmit() and trigger a buffer overflow. The root cause is that mcba_usb does not populate net_device_ops->ndo_change_mtu(), so a user can set an invali...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

PT-2025-42260

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's mcba usb CAN driver related to handling PF PACKET sockets and CAN XL frames. Specifically, the driver lacks proper MTU validation through the ndo chan...

PT-2025-42263

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's CAN subsystem, specifically within the etas es58x driver. Sending a PF PACKET can bypass the CAN framework's logic and directly reach the driver's xmi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to update napi-skb after XDP processing, which could lead to reuse after release...

Security Bulletin: Technical Support Appliance - possible denial of service

Summary A flaw in TCP/IP may allow a denial of service Vulnerability Details CVEID:CVE-2024-50154 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler...

kernel: net: usb: smsc75xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...

kernel: skbuff: Fix a race between coalescing and releasing SKBs

In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...

Microsoft Windows Ancillary Function Driver for WinSock 访问控制错误漏洞

Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. An access control error vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock, which stems from an attacker's ability to elevate privileges by...

SUSE CVE-2025-39964

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

EUVD-2025-34068

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

[SECURITY] [DLA 4329-1] libfcgi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4329-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 13, 2025 https://wiki.debian.org/LTS -...

AZL-68460 CVE-2025-39964 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

AZL-76437 CVE-2025-39964 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...