11 matches found
Security Bulletin: IBM DataPower Gateway affected by integer overflow in OS kernel
Summary: This flaw may affect TCP networking. Vulnerability Details: CVEID: CVE-2022-50865 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in...
CLSA-2026-1770032032 kernel: Fix of 63 CVEs
mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory CVE-2025-39883 - comedi: aio_iiro_16: Fix bit shift out of bounds CVE-2025-38529 - comedi: das6402: Fix bit shift out of bounds CVE-2025-38482 - comedi: pcl812: Fix bit shift out of bounds CVE-2025-38530 - comedi: das16m1: Fix...
USN-7311-1 linux-aws, linux-aws-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...
USN-7304-1 linux-gcp, linux-gke, linux-gkeop vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...
CVE-2022-49598 tcp: Fix data-races around sysctl_tcp_mtu_probing.
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_mtu_probing. While reading sysctl_tcp_mtu_probing, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7166-1)
"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7166-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service (CVE-2023-52881)
Summary: This issue can affect TCP networking. Vulnerability Details: CVEID: CVE-2023-52881 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian...
Arista Networks CloudVision Portal Linux Kernel TCP Multiple DoS (SA0041)
The version of Arista Networks CloudVision Portal running on the remote device is affected by the following denial of service (DoS) vulnerabilities related to TCP networking in the Linux kernel, which can be exploited by a remote, unauthenticated attacker: - SACK Panic. The TCP_SKB_CB(skb)->tcp_gso_segs...
Check Point Gaia Operating System Administrator password truncation (sk156192)
The remote host is running a version of the Gaia Operating System which is affected by multiple vulnerabilities involving the Linux Kernel's handling of TCP networking. - It is possible to overflow the 16-bit width of TCP_SKB_CB(skb)->tcp_gso_segs which could result in the system crashing resulting in a...
TCP SACK PANIC
A Linux kernel vulnerability in TCP networking could allow DoS. CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity. The first two are related to the Selective Acknowledgement (SACK) packets combined with Maximum Segment Si...
Check Point Response to CVE-2019-11477, CVE-2019-11478, CVE-2019-11479 - TCP SACK PANIC Linux Kernel vulnerabilities
Cause: CVE-2019-11477: The Linux kernel is vulnerable to an integer overflow in the 16-bit width of TCP_SKB_CB(skb)->tcp_gso_segs. A remote attacker could exploit this to crash the system and create a Denial Of Service. CVE-2019-11478: The Linux kernel is vulnerable to a flaw that allows attackers to se...