191 matches found
CVE-2022-49390 macsec: fix UAF bug for real_dev
In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev Create a new macsec device but not get reference to realdev. That can not ensure that realdev is freed after macsec. That will trigger the UAF bug for realdev as following:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that stems from a macsec device not obtaining a reference to realdev, which can be exploited by an attacker to cau...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20066)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20066 advisory. - NFSD: Limit the number of concurrent async COPY operations Chuck Lever Orabug: 37516381 CVE-2024-49974 - NFSD: Async COPY result needs to return...
The vulnerability of the Linux operating system’s kernel’s macsec component, which allows a hacker to cause a service failure
The vulnerability of the Linux operating system’s macsec kernel component is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the macsec_free_netdev() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the macsecfreenetdev function in the drivers/net/macsec.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
CVE-2024-50261
A use-after-free vulnerability was found in the Linux kernel. The metadatadst, which is used to store the SCI value for macsec offload, is freed by metadatadstfree in macsecfreenetdev, while the driver still uses it to send the packet. Mitigation Mitigation for this issue is either not available ...
SUSE CVE-2024-50261
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
DEBIAN-CVE-2024-50261
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
AZL-53379 CVE-2024-50261 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
CVE-2024-50261
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
UBUNTU-CVE-2024-50261
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
CVE-2024-50261
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
CVE-2024-50261 macsec: Fix use-after-free while sending the offloading packet
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
CVE-2024-50261 macsec: Fix use-after-free while sending the offloading packet
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
CVE-2024-50261
Mode C CVE-2024-50261 (macsec use-after-free) affects the Linux kernel’s macsec offload path. The issue stems from metadata_dst being freed prematurely in macsec_free_netdev() while a packet is still using it. The fix replaces metadata_dst freeing with dst_release() so that metadata_dst is not fr...
CVE-2024-50261 macsec: Fix use-after-free while sending the offloading packet
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
SUSE CVE-2022-48882
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity SecY Upon updating MAC security entity SecY in hw offload path, the macsec security association SA initialization routine is called. In case of...
UBUNTU-CVE-2022-48882
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity SecY Upon updating MAC security entity SecY in hw offload path, the macsec security association SA initialization routine is called. In case of...
CVE-2022-48882
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity SecY Upon updating MAC security entity SecY in hw offload path, the macsec security association SA initialization routine is called. In case of...
CVE-2022-48882
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity SecY Upon updating MAC security entity SecY in hw offload path, the macsec security association SA initialization routine is called. In case of...