CVE-2024-47719

In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...

CVE-2024-47719 iommufd: Protect against overflow of ALIGN() during iova allocation

In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...

CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6uncachedlistflushdev Blamed commit accidentally removed a check for rt-rt6iidev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address...

CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6uncachedlistflushdev Blamed commit accidentally removed a check for rt-rt6iidev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-42114)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42114 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-44999)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44999 advisory. - In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit...

Increased Capacity in Asia: Mumbai and Singapore Expansions Now Available

We’re continuing to expand our cloud computing footprint and capacity with both new core compute regions and expansions of popular regions...

CVE-2024-46782 ila: call nf_unregister_net_hooks() sooner

In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...

CVE-2024-46782

CVE-2024-46782 affects Linux kernel’s ila subsystem (net/ipv6/ila/ila_xlat.c, ila_nf_input) where a use-after-free occurs: ila_xlat_exit_net() frees the rhashtable and then nf_unregister_net_hooks() is called. The issue is the hook removal should occur before freeing resources; the fix reorders a...

CVE-2024-46782 ila: call nf_unregister_net_hooks() sooner

In the Linux kernel, the following vulnerability has been resolved: ila: call nfunregisternethooks sooner syzbot found an use-after-free Read in ilanfinput 1 Issue here is that ilaxlatexitnet frees the rhashtable, then call nfunregisternethooks. It should be done in the reverse way, with a...

Rockwell Automation多款产品 安全漏洞

Rockwell Automation 2800C OptixPanel Compact and others are products of Rockwell Automation, Inc.Rockwell Automation 2800C OptixPanel Compact is a compact operator panel. Rockwell Automation 2800S OptixPanel Standard is a standard operator panel.Rockwell Automation Embedded Edge Compute Module is...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2024-2390)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple Intelligence Promises Better AI Privacy. Here’s How It Actually Works

Private Cloud Compute is an entirely new kind of infrastructure that, Apple’s Craig Federighi tells WIRED, allows your personal data to be “hermetically sealed inside of a privacy bubble.”...

CVE-2024-44987

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6sendskb syzbot reported an UAF in ip6sendskb 1 After ip6localout has returned, we no longer can safely dereference rt, unless we hold rcureadlock. A similar issue has been fixed in commit a688caa34beb "ipv...

CVE-2024-44999 gtp: pull network headers in gtp_dev_xmit()

In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...

CVE-2024-44999 gtp: pull network headers in gtp_dev_xmit()

In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...

CVE-2024-44987 ipv6: prevent UAF in ip6_send_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6sendskb syzbot reported an UAF in ip6sendskb 1 After ip6localout has returned, we no longer can safely dereference rt, unless we hold rcureadlock. A similar issue has been fixed in commit a688caa34beb "ipv...

CVE-2024-44987 ipv6: prevent UAF in ip6_send_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6sendskb syzbot reported an UAF in ip6sendskb 1 After ip6localout has returned, we no longer can safely dereference rt, unless we hold rcureadlock. A similar issue has been fixed in commit a688caa34beb "ipv...

CVE-2024-44946

In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenario is 1. Thread A builds a skb with MSGMORE and sets kcm-seqskb. 2. Thread A resumes building skb from kcm-seqskb but is blocked by...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not using an auxiliary function to compute the expected ID...