228 matches found
CVE-2026-43039 net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...
EUVD-2026-26638
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...
CVE-2026-43039
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...
CVE-2026-43039
CVE-2026-43039 concerns the Linux kernel icssg-prueth driver. In ZC RX dispatch, emac_dispatch_skb_zc() allocates a new skb via napi_alloc_skb() but fails to copy the received packet data from the XDP buffer, causing uninitialized heap memory to be passed up the stack and potentially leaking kern...
CVE-2026-43039
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...
Exploit for CVE-2026-31431
Copy Fail — CVE-2026-31431 CVE-2026-31431 Copy Fail is a lo...
PT-2026-36456
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the emac dispatch skb zc function where a new skb is allocated via napi alloc skb but packet data from the XDP buffer is not copied into it. This results in the skb...
SUSE CVE-2026-31691
In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...
CVE-2026-31691
A flaw was found in the Linux kernel's igb network driver. When an AFXDP zero-copy application terminates abruptly, the network driver's NAPI polling mechanism can become stuck. This prevents the igbdown function from completing, leading to the TX queue becoming permanently stalled. This can resu...
CVE-2026-31691
In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...
EUVD-2026-25888
In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...
CVE-2026-31691
The CVE-2026-31691 vulnerability affects the Linux kernel igb driver. It describes a race where igb_down() calls napi_synchronize() before napi_disable(), causing a hang: napi_synchronize() waits on NAPI_STATE_SCHED that never clears, blocking TX and leaving the TX queue stalled. The fix removes ...
PT-2026-35497
In the Linux kernel, the following vulnerability has been resolved: igb: remove napi synchronize in igb down When an AF XDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igb clean rx irq zc repeatedly returns the full budget,...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013216)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013216 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, wi...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011009)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011009 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, wi...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013270)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013270 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in skbtstamptx Commit 50749f2dd685 tcp/udp: Fix memleaks of sk and zerocopy skb...
SUSE CVE-2026-31419
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release can mutate the slave list...
CVE-2026-31419
Summary of CVE-2026-31419 : A use-after-free in the Linux kernel bonding driver is caused by a race in bond_xmit_broadcast() where the last slave determination can change during RCUs, leading to double-free of the original skb and a potential crash. The fix replaces the racy bond_is_last_slave() ...
CVE-2026-31419 net: bonding: fix use-after-free in bond_xmit_broadcast()
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release can mutate the slave list...
CVE-2026-31419
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release can mutate the slave list...