22 matches found
CVE-2026-10636 Use-after-free in Zephyr IPv4 IGMP send path (`igmp_send`)
In Zephyr's IPv4 IGMP implementation, igmpsend in subsys/net/ip/igmp.c read the network interface back out of the packet via netpktifacepkt after the packet had been handed to netsenddata. On the successful-send path the packet's last reference may already have been released by the L2 driver or b...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A “use-after-free” vulnerability in the Linux kernel’s ipv4:igmp component can be exploited to achieve local privilege escalation. A race condition can also be exploited, causing a timer to be mistakenly registered on a RCU read-locked object that is then freed by another thread. We recommend...
kernel: use-after-free in IPv4 IGMP
A race condition has been discovered in the Linux kernel's Internet Group Management Protocol IGMP implementation. This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. By exploiting the race condition, an adversary could disrupt the...
CLSA-2024-1705927008 kernel: Fix of 7 CVEs
netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 - netfilter: nftables: do not allow RULEID to refer to another chain CVE-2022-2586 - netfilter: nftables: do not allow SETID to refer to another table CVE-2022-2586 - netfilter: nftables: prevent OOB access in nftbyteordereval...
SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2024:0160-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0160-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...
CLSA-2024-1705496273 kernel: Fix of 13 CVEs
Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...
CLSA-2024-1705494430 kernel: Fix of 13 CVEs
Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0129-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0129-1 advisory. The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2024:0115-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0115-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were...
CLSA-2024-1705081763 Fix of 7 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlinkcreateconntrack CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2dumpdetail CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client:...
OESA-2024-1032 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: openeuler-linux-kernel-5.10.149-ext4writeinlinedata-kernelbug-365020CVE-2021-33631 An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravbremove in...
SUSE CVE-2023-6932
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...
CVE-2023-6932
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...
UBUNTU-CVE-2023-6932
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...
CVE-2023-6932 Use-after-free in Linux kernel's ipv4: igmp component
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...
Ubuntu Update for linux USN-1363-1
Ubuntu Update for Linux kernel vulnerabilities USN-1363-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13631.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1363-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu: Security Advisory (USN-1363-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-1386-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1384-1: Linux kernel (Oneiric backport) vulnerabilities
A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. CVE-2011-4097 Paolo Bonzini...
USN-1380-1: Linux kernel vulnerabilities
A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. CVE-2011-2518 A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. ...