PT-2024-21459 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc2-syzkaller-00031-g861c0981648f Description: A potential loop in the nsim dev trap report work function has been resolved. Many syzbot reports include a trace that indicates if nsim dev trap report work...

net: netdevsim: don't try to destroy PHC on VFs

...

The vulnerability of the nsimdestroy() function in the drivers/net/netdevsim/netdev.c module of the netdevsim virtual network device driver for the Linux operating system allows a malicious actor to cause a service failure.

The vulnerability of the nsimDestroy function in the drivers/net/netdevsim/netdev.c module of the netdevsim virtual network device driver for the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

SUSE CVE-2024-26587

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

CVE-2024-26587

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

CVE-2024-26587

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

AZL-35906 CVE-2024-26587 affecting package kernel for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

DEBIAN-CVE-2024-26587

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

UBUNTU-CVE-2024-26587

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

CVE-2024-26587 net: netdevsim: don't try to destroy PHC on VFs

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

CVE-2024-26587 net: netdevsim: don't try to destroy PHC on VFs

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

CVE-2024-26587 net: netdevsim: don't try to destroy PHC on VFs

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

CVE-2024-26587

The CVE-2024-26587 issue in Linux kernel netdevsim could crash when destroying a netdevsim with VFs instantiated. The root cause was that PHC gets initialised in nsim_init_netdevsim() (only called for PF ports), but mock_phc_destroy() was not placed there, leading to a NULL pointer dereference du...

CVE-2024-26587

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

CVE-2024-26587

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...

kernel: Linux kernel: Denial of Service due to memory leak in netdevsim

A flaw was found in the Linux kernel's netdevsim component. A local user could exploit a memory leak vulnerability within the nsimbusdevnew function. This occurs when deviceregister fails, leading to an unreleased object name. This memory leak could potentially lead to a Denial of Service DoS on...

kernel: devlink: hold region lock when flushing snapshots

In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlinkregionsnapshotdel+0x12e/0x140 CPU...

CBL Mariner 2.0 Security Update: kernel (CVE-2023-2019)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2019 advisory. - A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue...

SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2023:2140-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2140-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. Th...