linux is vulnerable to Denial Of Service (DoS). It is possible for a guest to trigger a NIC
interface reset/abort/crash in the backend by sending certain kinds of packets. It appears to be an assumption in the rest of the network stack that packet protocol headers are all contained within the linear section of the SKB
and some NIC
s behave badly if this is not the case.
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-3643
packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
www.openwall.com/lists/oss-security/2022/12/07/2
lists.debian.org/debian-lts-announce/2022/12/msg00031.html
lists.debian.org/debian-lts-announce/2022/12/msg00034.html
xenbits.xenproject.org/xsa/advisory-423.txt