kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, a leak in the skbtstamptx function was fixed. Commit 50749f2dd685 “tcp/udp: Fixed memory leaks in sk and zerocopy skbs during TX timestamping” added a call to skborphanfragsrx, to fix leaks related to zeroco...

CVE-2023-53716

CVE-2023-53716 is a Linux kernel vulnerability described as a leak in skb handling: after a TX timestamp code path, if skb_orphan_frags_rx() fails, the skb cloned for zerocopy skb leaks. The issue is tied to the net: skb_tstamp_tx() flow and was addressed by a kernel fix in the commit that added ...

UBUNTU-CVE-2025-38413

In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...