1252 matches found
DEBIAN-CVE-2024-56645
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
DEBIAN-CVE-2024-56639
In the Linux kernel, the following vulnerability has been resolved: net: hsr: must allocate more bytes for RedBox support Blamed commit forgot to change hsrinitskb to allocate larger skb for RedBox case. Indeed, sendhsrsupervisionframe will add two additional components struct hsrsuptlv and struc...
DEBIAN-CVE-2024-56590
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix not checking skb length on hciacldatapacket This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past the valid skb-data...
UBUNTU-CVE-2024-56590
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix not checking skb length on hciacldatapacket This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past the valid skb-data...
UBUNTU-CVE-2024-56659
In the Linux kernel, the following vulnerability has been resolved: net: lapb: increase LAPBHEADERLEN It is unclear if net/lapb code is supposed to be ready for 8021q. We can at least avoid crashes like the following : skbuff: skbunderpanic: text:ffffffff8aabe1f6 len:24 put:20 head:ffff88802824a4...
CVE-2024-56648 net: hsr: avoid potential out-of-bound access in fill_frame_info()
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...
DEBIAN-CVE-2024-53236
In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid When a new skb is allocated for transmitting an xsk descriptor, i.e., for every non-multibuf descriptor or the first frag of a multibuf descriptor, but the descriptor is later...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a skb release issue caused by hcidevcdappend in the Bluetooth btmtk subsystem. No detailed vulnerability...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the rtw88 driver in the wifi subsystem not properly clearing the TX skb when removing modules...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from skb not being released when the TX metadata option in the xsk module is invalid...
netfilter: nf_tables: prevent nf_skb_duplicated corruption
...
kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...
kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg
A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause a denial of service condition or potential code execution...
Linux Kernel Bluetooth HCI Request Race Condition Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
SUSE CVE-2024-53117
In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSGZEROCOPY error handling Add a missing kfreeskb to prevent memory leaks...
UBUNTU-CVE-2024-53117
In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSGZEROCOPY error handling Add a missing kfreeskb to prevent memory leaks...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of the MSGZEROCOPY error in the virtio/vsock component and the lack of the kfreeskb call,...
kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...
SUSE CVE-2024-53058
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data of a SKB carries protocol header and protocol payload to be transmitted on a certain platform that the DMA AXI address width is...
UBUNTU-CVE-2024-53058
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data of a SKB carries protocol header and protocol payload to be transmitted on a certain platform that the DMA AXI address width is...