CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

Linux Distros Unpatched Vulnerability : CVE-2026-23439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually...

Important: kernel-livepatch-5.10.245-241.976

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/ip6tunnel: Prevent perpetual tunnel growth CVE-2025-40173 Affected Packages: kernel-livepatch-5.10.245-241.976 Issue Correction: Please ensure you have live patching enabled. Run yum update...

CVE-2025-40173

CVE-2025-40173 affects Linux kernel net/ip6_tunnel, which could allow perpetual tunnel headroom growth. The fix mirrors the IPv4 patch by applying a headroom limit to the IPv6 tunnel (no ceiling previously). Connected advisories show mitigation via kernel updates (AL2 ALAS-2026-3161 and related k...

CVE-2025-40173 net/ip6_tunnel: Prevent perpetual tunnel growth

In the Linux kernel, the following vulnerability has been resolved: net/ip6tunnel: Prevent perpetual tunnel growth Similarly to ipv4 tunnel, ipv6 version updates dev-neededheadroom, too. While ipv4 tunnel headroom adjustment growth was limited in commit 5ae1e9922bbd "net: iptunnel: prevent...

CVE-2025-37781

In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also be reproduced by...

CVE-2023-53020 l2tp: close all race conditions in l2tp_tunnel_register()

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

OESA-2023-1230 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Apache HTTP Server versions 2.4.6 to 2.4.46 modproxywstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for...

PT-2022-35197 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.77 Description: The issue concerns the handling of device MTU in IPv6 tunnels. It was introduced in version v3.7 and fixed in version v5.15.77. The actual impact and attack plausibility have not yet been...

OpenVPN Private Tunnel Local Buffer Overflow Vulnerability

OpenVPN is a software package for creating virtual private network VPN encrypted tunnels from the American company OpenVPN.OpenVPN PrivateTunnel is an OpenVPN service. A local buffer overflow vulnerability exists in OpenVPN Private Tunnel version 2.7/2.8. An attacker could exploit this...

Hack, the leader of the” TK found vulnerabilities “Bad Tunnel” can hijack the network traffic, privilege escalation, affecting all versions of Windows-vulnerability warning-the black bar safety net

Did find last night the computer suddenly is the background to occupy a lot of bandwidth, causing the network speed to slow down. This is a Windows and on a massive bug fix update. Where there are two high-risk vulnerabilities for windows95 to Windows 10 will have an impact that can almost be...