CVE-2026-31684

In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...

CVE-2026-31684

In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...

CVE-2026-31684

The CVE-2026-31684 issue is in the Linux kernel’s net/sched pathology (act_csum) where tcf_csum_act() reads nested VLAN headers directly from skb->data if the payload contains VLAN tags, and may read VLAN_HLEN bytes before guaranteeing the full header is present. The root cause is that the cod...

Linux Distros Unpatched Vulnerability : CVE-2026-31684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. Th...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nested VLAN headers in actcsum not being linearly present. This vulnerability may lead to the...

EUVD-2021-14592

Malware in sbrugna...

Ubuntu: Security Advisory (USN-5915-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5915-1 linux-oem-6.1 vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

SUSE CVE-2021-27862

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion and optionally VLAN0 headers...

USN-5857-1: Linux kernel (OEM) vulnerability

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

USN-5856-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 Hu Jiahui discovered that multiple race...

CVE-2021-27854

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse...

Design/Logic Flaw

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse...

CVE-2021-27854 L2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translation

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse...

CVE-2021-27854 L2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translation

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse...

CVE-2021-27853

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers...

Design/Logic Flaw

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers...

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of service attacks. An attacker can cause a crash by triggering the use of GRO path for large crafted packets which only contain VLAN headers...

DEBIAN-CVE-2016-7039

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a relat...

CVE-2016-7039

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a relat...