UBUNTU-CVE-2024-44986

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6finishoutput2 If skbexpandhead returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcureadlock to make sure the dst and associated idev are alive...

kernel: net: amd-xgbe: Fix skb data length underflow

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUGON triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length...

AZL-48594 CVE-2024-44946 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenario is 1. Thread A builds a skb with MSGMORE and sets kcm-seqskb. 2. Thread A resumes building skb from kcm-seqskb but is blocked by...

kernel: TIPC message reassembly use-after-free remote code execution vulnerability

A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...

OESA-2024-2028 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4,6outbound Raw packet from PFPACKET socket ontop of an IPv6-backed ipvlan device will hit WARNONONCE in skmcloop throug...

SUSE CVE-2024-43861

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive...

The vulnerability of the ipvlan component in the Linux operating system allows a hacker to compromise the integrity and accessibility of the system.

The vulnerability of the ipvlan component in the Linux operating system’s kernel is related to errors that occur outside the specified range, caused by the skb-macheader pointer. Exploiting this vulnerability can allow an attacker to compromise the integrity and accessibility of the system...

UBUNTU-CVE-2024-43861

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive...

kernel: TIPC message reassembly use-after-free remote code execution vulnerability

A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...

SUSE CVE-2024-42321

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

SUSE CVE-2024-43835

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix napiskbcacheput warning After the commit bdacf3e34945 "net: Use nested-BH locking for napialloccache." was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451...

DEBIAN-CVE-2024-43817

In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1. After the skbsegment function the buffer may become non-linear nrfrags != 0, but since the SKBTXSHAREDFRAG flag is not set...

CVE-2024-43844 wifi: rtw89: wow: fix GTK offload H2C skbuff issue

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: wow: fix GTK offload H2C skbuff issue We mistakenly put skb too large and that may exceed skb-end. Therefore, we fix it. skbuff: skboverpanic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780...

UBUNTU-CVE-2024-42280

In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmultitx Don't dereference sp after calling devkfreeskbsp...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing required check in the virtionethdrtoskb function, causing the kernel to crash...

wifi: mt76: replace skb_put with skb_put_zero

...

kernel: net: netlink: af_netlink: Prevent empty skb by adding a check on len.

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netemenqueue function which is caused when skb-len=0 and skb-datalen=0 in...

kernel: bnxt: prevent skb UAF after handing over to PTP worker

A possible use-after-free after handing over to PTP worker was found in the Linux kernel. This may lead to a crash...

kernel: TIPC message reassembly use-after-free remote code execution vulnerability

A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...

kernel: net: amd-xgbe: Fix skb data length underflow

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUGON triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length...