Slavin Liu

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue concerns unsafe attribute parsing in the `output userspace()` function of the openvswitch module in the Linux kernel. A patch has been applied to replace manual Netlink attribute iteration with `nla for each nested()`, ensuring only well-formed attributes are processed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61 Description: A vulnerability has been resolved in the Linux kernel, specifically in the netfilter: nft payload module. The issue arises when the `skb checksum()` function is called with an offset and length that exceed the skbuff length, triggering a BUG ON() error. The `skb checksum()` function internally subtracts the length parameter while iterating over the skbuff and checks that the expected length is fully consumed at the end. Recommendations: For Linux kernel versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider restricting access to the `nft payload` module until a patch is available. Avoid using the `skb checksum()` function with unvalidated offset and length parameters in the affected API endpoints until the issue is resolved.