Lucene search
K

128 matches found

OSV
OSV
added 2024/04/02 7:15 a.m.1 views

DEBIAN-CVE-2024-26679

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror inetrecverror is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6ADDRFORM socket option and trigger a KCSAN warning...

5.5CVSS5.3AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 7:1 a.m.21 views

CVE-2024-26679 inet: read sk->sk_family once in inet_recv_error()

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror inetrecverror is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6ADDRFORM socket option and trigger a KCSAN warning...

7.5AI score0.00184EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/04/02 7:1 a.m.32 views

CVE-2024-26679

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror inetrecverror is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6ADDRFORM socket option and trigger a KCSAN warning...

5.5CVSS7.1AI score0.00184EPSS
Exploits0
OSV
OSV
added 2024/04/02 7:1 a.m.7 views

CVE-2024-26679 inet: read sk->sk_family once in inet_recv_error()

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror inetrecverror is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6ADDRFORM socket option and trigger a KCSAN warning...

5.5CVSS5.8AI score0.00184EPSS
Exploits0References13
CNNVD
CNNVD
added 2024/04/02 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a call to inetrecverror that does not require holding a socket lock...

5.5CVSS6.3AI score0.00184EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2024/03/20 3:48 a.m.3 views

SUSE CVE-2024-26636

In the Linux kernel, the following vulnerability has been resolved: llc: make llcuisendmsg more robust against bonding changes syzbot was able to trick llcuisendmsg, allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header 1 Like some others, llcuisendmsg...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References16
UbuntuCve
UbuntuCve
added 2024/03/18 11:15 a.m.31 views

CVE-2024-26636

In the Linux kernel, the following vulnerability has been resolved: llc: make llcuisendmsg more robust against bonding changes syzbot was able to trick llcuisendmsg, allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header 1 Like some others, llcuisendmsg...

5.5CVSS6.3AI score0.0024EPSS
Exploits0References29
OSV
OSV
added 2024/03/18 10:14 a.m.8 views

CVE-2024-26636 llc: make llc_ui_sendmsg() more robust against bonding changes

In the Linux kernel, the following vulnerability has been resolved: llc: make llcuisendmsg more robust against bonding changes syzbot was able to trick llcuisendmsg, allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header 1 Like some others, llcuisendmsg...

5.5CVSS5.8AI score0.0024EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2024/03/15 9:15 p.m.21 views

CVE-2021-47132

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix skforwardmemory corruption on retransmission MPTCP skforwardmemory handling is a bit special, as such field is protected by the msk socket spinlock, instead of the plain socket lock. Currently we have a code path...

7.1CVSS6.7AI score0.00213EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/03/02 5:48 a.m.8 views

SUSE CVE-2021-47038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hcidev-lock and socket lock Commit eab2404ba798 "Bluetooth: Add BTPHY socket option" added a dependency between socket lock and hcidev-lock that could lead to deadlock. It turns out that...

5.7CVSS7.7AI score0.00179EPSS
Exploits0References5
OSV
OSV
added 2024/02/28 9:15 a.m.8 views

DEBIAN-CVE-2021-47038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hcidev-lock and socket lock Commit eab2404ba798 "Bluetooth: Add BTPHY socket option" added a dependency between socket lock and hcidev-lock that could lead to deadlock. It turns out that...

5.5CVSS5.9AI score0.00179EPSS
Exploits0References1
OSV
OSV
added 2024/02/28 9:15 a.m.2 views

UBUNTU-CVE-2021-47038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hcidev-lock and socket lock Commit eab2404ba798 "Bluetooth: Add BTPHY socket option" added a dependency between socket lock and hcidev-lock that could lead to deadlock. It turns out that...

5.5CVSS6.6AI score0.00179EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/02/28 9:15 a.m.22 views

CVE-2021-47038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hcidev-lock and socket lock Commit eab2404ba798 "Bluetooth: Add BTPHY socket option" added a dependency between socket lock and hcidev-lock that could lead to deadlock. It turns out that...

5.5CVSS6.4AI score0.00179EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/02/28 8:13 a.m.29 views

CVE-2021-47038 Bluetooth: avoid deadlock between hci_dev->lock and socket lock

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hcidev-lock and socket lock Commit eab2404ba798 "Bluetooth: Add BTPHY socket option" added a dependency between socket lock and hcidev-lock that could lead to deadlock. It turns out that...

6.6AI score0.00179EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/02/28 8:13 a.m.25 views

CVE-2021-47038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hcidev-lock and socket lock Commit eab2404ba798 "Bluetooth: Add BTPHY socket option" added a dependency between socket lock and hcidev-lock that could lead to deadlock. It turns out that...

5.5CVSS5.8AI score0.00179EPSS
Exploits0
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.8 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a dependency between hcidev-lock and socket lock, which could lead to a deadlock...

5.5CVSS8.1AI score0.00179EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.2 views

kernel: l2tp: close all race conditions in l2tp_tunnel_register()

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

4.7CVSS6.3AI score0.0013EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.7 views

PT-2024-11878 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc5 Description: A bug in the Linux kernel has been resolved, specifically in the mptcp protocol. The issue occurred when a sleeping function was called from an invalid context at close time, resulting in ...

5.5CVSS6.8AI score0.00152EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.2 views

PT-2022-35781 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue is related to the Linux Kernel's rds tcp reset callbacks function, where the sock lock is held when cancelling work. This could potentially lead to security vulnerabilities,...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.4 views

PT-2022-35679 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.220 Description: The issue is related to the Linux Kernel's rds tcp reset callbacks function, where the sock lock is held when cancelling work. This could potentially lead to security vulnerabilities,...

7.3AI score
Exploits0References1
Rows per page
Query Builder