227 matches found
SUSE CVE-2026-46320
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
SUSE CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46321
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...
CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46322 tun: free page on build_skb failure in tun_xdp_one()
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46322
The CVE relates to the Linux kernel tun driver vulnerability CVE-2026-46322. When build_skb() fails inside tun_xdp_one(), the function returns -ENOMEM without freeing the allocated page for the frame, causing a memory leak of one page-frag chunk per failed build_skb() in a batch. The root cause i...
CVE-2026-46321 tun: free page on short-frame rejection in tun_xdp_one()
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...
EUVD-2026-35411
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...
CVE-2026-46321
Summary. CVE-2026-46321 concerns the Linux kernel tun/tap with vhost-net, where a short-frame rejection path in tun_xdp_one() can leak memory pages. Specifically, when a frame is shorter than ETH_HLEN, tun_xdp_one() returns -EINVAL without freeing the page allocated by vhost_net_build_xdp(). tun_...
CVE-2026-46321 tun: free page on short-frame rejection in tun_xdp_one()
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...
CVE-2026-46320 tap: free page on error paths in tap_get_user_xdp()
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
CVE-2026-46320 tap: free page on error paths in tap_get_user_xdp()
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tapgetuserxdp function failing when short frames are rejected or the buildskb function fails,...
PT-2026-47757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tap get user xdp function. When a frame is shorter than ETH HLEN, the function returns -EINVAL; similarly, it returns -ENOMEM if build skb fails. In both...
PT-2026-47758
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the tun xdp one function returns -EINVAL for frames shorter than ETH HLEN without freeing the page allocated by vhost net build xdp. Because...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tunxdpone function not releasing the page allocated by vhostnetbuildxdp when short frames are...
Linux Distros Unpatched Vulnerability : CVE-2026-46322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns...
Linux Distros Unpatched Vulnerability : CVE-2026-46321
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A vulnerability was discovered in vhostnewmsg in drivers/vhost/vhost.c within the Linux kernel. This issue arises due to the improper initialization of memory in messages transmitted between virtual guests and the host operating system, as implemented in the vhostnewmsg function. This vulnerabili...
Astra Linux – Vulnerability in Linux 5.10, Linux
A use-after-free flaw was discovered in vhostnetsetbackend in drivers/vhost/net.c within the virtio network subcomponent of the Linux kernel, due to a double fget operation. This flaw could allow a local attacker to cause the system to crash, and could even lead to a kernel information leak issue...