157 matches found
CLSA-2024-1718950178 Fix of 22 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUGON and comment in aiocomplete - aio: remove the extra getfile/fput pair in iosubmitone - aio: refactor read/write iocb setup - fs/aio: Restrict kiocbsetcancelfn to I/O submitted via libaio CVE-url:...
OESA-2024-1705 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if skbcopyexpand failed, it return NULL, usbnetstartxmit will have no...
CLSA-2024-1713791454 Fix of 12 CVEs
CVE-url: https://ubuntu.com/security/CVE-2021-46925 - net/smc: get rid of txpend waits in socket closing - net/smc: fix kernel panic caused by race of smcsock CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url:...
SUSE CVE-2021-47159
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if -getssetcount fails If ds-ops-getssetcount fails then it "count" is a negative error code such as -EOPNOTSUPP. Because "i" is an unsigned int, the negative error code is type promoted to a very high value...
kernel: use-after-free in sch_qfq network scheduler
A use-after-free flaw was found in qfqdequeue and aggdequeue in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This issue may allow a local user to crash the system or escalate their privileges on the system...
kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()
A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...
kernel: use-after-free in sch_qfq network scheduler
A use-after-free flaw was found in qfqdequeue and aggdequeue in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This issue may allow a local user to crash the system or escalate their privileges on the system...
CLSA-2024-1708171036 Fix of 10 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area CVE-url: https://ubuntu.com/security/CVE-2024-23849 - net/rds: Fix UBSAN: array-index-out-of-bounds in rdscmsgrecv CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nftables...
The vulnerability of FireEye Endpoint Security’s software for protecting servers and workstations lies in errors in the network subsystem’s counters. This allows a malicious actor to trigger a service failure.
The vulnerability of FireEye Endpoint Security’s software for protecting servers and workstations is related to errors in counting pointers within the network subsystem. Exploiting this vulnerability allows a malicious actor to trigger a service failure using the Containmentnotify/preview paramet...
PT-2024-1413 · Fireeye · Fireeye Endpoint Security
Name of the Vulnerable Software and Affected Versions: FireEye Endpoint Security version 5.2.0.958244 Description: The issue is related to improper cleanup in exceptions thrown by FireEye Endpoint Security. This could allow an attacker to send multiple request packets to the containment...
kernel: net: fix NULL pointer in skb_segment_list
A flaw was found in the Linux kernel's net subsystem. A NULL pointer dereference can be triggered when a specific sequence of network events occurs due to an improper check, resulting in a denial of service...
kernel: Linux kernel: Network subsystem memory leak
A flaw was found in the Linux kernel. This vulnerability allows an attacker to cause a denial of service via a memory leak caused by improper handling of skb socket buffer cloning in the network subsystem...
CVE-2023-4257
Unchecked user input length in /subsys/net/l2/wifi/wifishell.c can cause buffer overflows...
The vulnerability of the kmalloc_reserve() function in the net/core/skbuff.c file of the Linux kernel’s network subsystem allows a hacker to cause a service failure.
The vulnerability of the kmallocreserve function in the net/core/skbuff.c file of the Linux kernel’s network subsystem is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure...
kernel: NULL pointer dereference in rawv6_push_pending_frames
A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...
kernel: data races around sk->sk_prot
A data race problem was found in sk-skprot in the network subsystem in ipv6 in the Linux kernel. This issue occurs while some functions access critical data, leading to a denial of service...
kernel: data races around sk->sk_prot
A data race problem was found in sk-skprot in the network subsystem in ipv6 in the Linux kernel. This issue occurs while some functions access critical data, leading to a denial of service...
kernel: NULL pointer dereference in rawv6_push_pending_frames
A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...
K17121: Linux network subsystem vulnerabilities CVE-2014-8160, CVE-2014-8172, CVE-2014-8173, CVE-2014-9428, CVE-2014-9644, CVE-2015-0274, and CVE-2015-2041
Security Advisory Description CVE-2014-8160 net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended...
SUSE CVE-2011-4112
The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFFTXSKBSHARING flag, which allows local users to cause a denial of service panic by leveraging the CAPNETADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction wit...