2827 matches found
kernel: ndisc: use RCU protection in ndisc_alloc_skb()
A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...
kernel: ndisc: use RCU protection in ndisc_alloc_skb()
A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...
Vulnerability of the ipoib_get_size() function in the drivers/infiniband/ulp/ipoib/ipoib_netlink.c module – This driver is part of the Linux operating system’s InfiniBand support, and it allows a hacker to cause a service failure.
Vulnerability of the ipoibgetsize function in the drivers/infiniband/ulp/ipoib/ipoibnetlink.c module – The Linux kernel’s InfiniBand support driver is vulnerable due to a reliance on the NULL pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a service failure...
SUSE CVE-2022-50042
In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlinkpolicydumpaddpolicy itself also needs fixing as it currently gives u...
DEBIAN-CVE-2022-50042
In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlinkpolicydumpaddpolicy itself also needs fixing as it currently gives u...
CVE-2022-50042
In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlinkpolicydumpaddpolicy itself also needs fixing as it currently gives u...
UBUNTU-CVE-2022-50042
In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlinkpolicydumpaddpolicy itself also needs fixing as it currently gives u...
CVE-2022-50042 net: genl: fix error path memory leak in policy dumping
In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlinkpolicydumpaddpolicy itself also needs fixing as it currently gives u...
CVE-2022-50042
In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlinkpolicydumpaddpolicy itself also needs fixing as it currently gives u...
AZL-63947 CVE-2025-38022 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ibregisterdevice" problem Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:408 inline...
CVE-2025-38006
In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifaindex when missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible i...
UBUNTU-CVE-2025-38006
In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifaindex when missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible i...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravbopen, ravbclose and wol operations must be performed under the rtnl lock to preven...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice The ethnlreqgetPhyDev function is used to look up a phyDevice, in cases where an ethtool netlink command targets a specific phyDevice within a netDevice’s topolog...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fixed the nested key length validation in the set action. It is not safe to access nlalenovskey if the data is smaller than the netlink header. Ensure that the attribute is valid first...
kernel: ndisc: use RCU protection in ndisc_alloc_skb()
A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...
CLSA-2025-1749548422 Fix of 14 CVEs
CVE-url: https://ubuntu.com/security/CVE-2025-21811 - nilfs2: protect access to buffers with no active references CVE-url: https://ubuntu.com/security/CVE-2025-21715 - net: davicom: fix UAF in dm9000drvremove CVE-url: https://ubuntu.com/security/CVE-2024-58083 - KVM: Explicitly verify target vCPU...
kernel: net: fix geneve_opt length integer overflow
In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink policies cannot promi...
kernel: net: fix geneve_opt length integer overflow
In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink policies cannot promi...
The vulnerability of the mptcp_pm_nl_append_new_local_addr() function in the net/mptcp/pm_netlink.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mptcppmnlAppendNewLocalAddr function in the net/mptcp/pmnetlink.c module of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...