In the Linux kernel, the following vulnerability has been resolved:
fou: Fix null-ptr-deref in GRO.
We observed a null-ptr-deref in fou_gro_receive() while shutting down
a host. [0]
The NULL point
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Prevent concurrent access to IPSec ASO context
The query or updating IPSec offload object is through Access ASO WQE.
Th
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: lantiq_etop: fix memory disclosure
When applying padding, the buffer is not zeroed, which results in memory
disclos
In the Linux kernel, the following vulnerability has been resolved:
net: fix NULL pointer in skb_segment_list
Commit 3a1296a38d0c ("net: Support GRO/GSO fraglist chaining.")
introduced UDP listifyed
In the Linux kernel, the following vulnerability has been resolved:
gue: Fix skb memleak with inner IP protocol 0.
syzbot reported skb memleak below. [0]
The repro generated a GUE packet with its i
In the Linux kernel, the following vulnerability has been resolved:
net: do not allow gso_size to be set to GSO_BY_FRAGS
One missing check in virtio_net_hdr_to_skb() allowed
syzbot to crash kernels
In the Linux kernel, the following vulnerability has been resolved:
ipv6: mcast: extend RCU protection in igmp6_send()
igmp6_send() can be called without RTNL or RCU being held.
Extend RCU protecti
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP p
In the Linux kernel, the following vulnerability has been resolved:
tcp: fix skb_copy_ubufs() vs BIG TCP
David Ahern reported crashes in skb_copy_ubufs() caused by TCP tx zerocopy
using hugepages, a
In the Linux kernel, the following vulnerability has been resolved:
KVM: s390: fix validity interception issue when gisa is switched off
We might run into a SIE validity if gisa has been disabled ei
In the Linux kernel, the following vulnerability has been resolved:
af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK
Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found
by syzbot.
In the Linux kernel, the following vulnerability has been resolved:
netfilter: flowtable: validate vlan header
Ensure there is sufficient room to access the protocol field of the
VLAN header, valida
In the Linux kernel, the following vulnerability has been resolved:
mptcp: do not queue data on closed subflows
Dipanjan reported a syzbot splat at close time:
WARNING: CPU: 1 PID: 10818 at net/ipv
In the Linux kernel, the following vulnerability has been resolved:
net: lan743x: Fix memleak issue when GSO enabled
Always map the `skb` to the LS descriptor. Previously skb was
mapped to EXT descr
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fail verification for sign-extension of packet data/data_end/data_meta
syzbot reported a kernel crash due to
commit 1f1e864
In the Linux kernel, the following vulnerability has been resolved:
staging: gdm724x: fix use after free in gdm_lte_rx()
The netif_rx_ni() function frees the skb so we can't dereference it to
save t
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/hdcp: Check GSC structure validity
Sometimes xe_gsc is not initialized when checked at HDCP capability
check. Add gsc struc
In the Linux kernel, the following vulnerability has been resolved:
net_sched: sch_sfq: fix a potential crash on gso_skb handling
SFQ has an assumption of always being able to queue at least one pac
In the Linux kernel, the following vulnerability has been resolved:
virtio-net: fix received length check in big packets
Since commit 4959aebba8c0 ("virtio-net: use mtu size as buffer length
for big
In the Linux kernel, the following vulnerability has been resolved:
net: clear the dst when changing skb protocol
A not-so-careful NAT46 BPF program can crash the kernel
if it indiscriminately flips