262 matches found
CVE-2023-53354
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
CVE-2023-53354 skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
CVE-2023-53354 skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
UBUNTU-CVE-2022-50323
In the Linux kernel, the following vulnerability has been resolved: net: do not sense pfmemalloc status in skbappendpagefrags skbappendpagefrags is used by afunix and udp sendpage implementation so far. In commit 326140063946 "tcp: TX zerocopy should not sense pfmemalloc status" we explained why ...
PT-2025-37681
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to the xsk socket kernel functionality. Specifically, the issue involves a potential NULL pointer dereference in the xsk transmit Tx pa...
AZL-67001 CVE-2025-39682 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
CVE-2025-39682 tls: fix handling of zero-length records on the rx_list
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
CVE-2025-39682 tls: fix handling of zero-length records on the rx_list
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
CVE-2025-39682 tls: fix handling of zero-length records on the rx_list
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...
CVE-2025-39682
CVE-2025-39682: Linux kernel TLS processing fix for zero-length TLS records in the rx_list. The patch changes recvmsg() to process either contiguous DATA records (any number) or one non-DATA record. If a future record type differs after decryption (possible with TLS 1.3 when type is undecided unt...
CVE-2025-38616
In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was installed, or uses...
Linux Distros Unpatched Vulnerability : CVE-2022-50003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non- balanced queue id Fix the following scenario: 1. ethtool -L...
BIT-LIBPYTHON-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()
Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...
Linux Distros Unpatched Vulnerability : CVE-2024-11407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg...
DEBIAN-CVE-2022-50003
In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z Above refers to a case where user would like to attach XSK socket in txonly mode at a queue id...
OESA-2025-1577 libbpf security update
A mirror of bpf-next linux tree bpf-next/tools/lib/bpf directory plus its supporting header files. The version of the package reflects the version of ABI. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: libbpf: Use OPTSSET macro in bpfxdpquery When the...
Secure IVSHMEM: End-To-End Shared-Memory Protocol with Hypervisor-CA Handshake and In-Kernel Access Control
In-host shared memory IVSHMEM enables high-throughput, zero-copy communication between virtual machines, but today's implementations lack any security control, allowing any application to eavesdrop or tamper with the IVSHMEM region. This paper presents Secure IVSHMEM, a protocol that provides...
kernel: virtio/vsock: Improve MSG_ZEROCOPY error handling
In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSGZEROCOPY error handling Add a missing kfreeskb to prevent memory leaks...
PT-2025-27751
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the bpf Berkeley Packet Filter functionality, specifically with ktls panic and sockmap. The issue arises when the BPF...
SUSE CVE-2024-11407
There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network...