10805 matches found
CVE-2024-26582
A use-after-free vulnerability was found in the tls subsystem of the Linux kernel. The tls_decrypt_sg function doesn't take references on the pages from clear_skb, so the put_page in tls_decrypt_done releases them and a use-after-free can be triggered in process_rx_list when trying to read from the...
CVE-2024-26584
A flaw was found in the tls subsystem of the Linux kernel. When setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on requests to the crypto API, the crypto_aead_encrypt and crypto_aead_decrypt functions can return -EBUSY instead of -EINPROGRESS in valid situations. This issue could lead to undefined behavior and a...
CVE-2024-26583
A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread that calls recvmsg/sendmsg may exit as soon as the async crypto handler calls complete(); any code past that point risks touching already freed data. This could lead to a use-after-free issue an...
USN-6648-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-51781 Zhenghan Wang discover...
Design/Logic Flaw
EventStoreDB (ESDB) is an operational database built to store events. A vulnerability has been identified in the projections subsystem in versions 20 prior to 20.10.6, 21 prior to 21.10.11, 22 prior to 22.10.5, and 23 prior to 23.10.1. Only database instances that use custom projections are affecte...
CVE-2024-26133 EventStoreDB Projections Subsystem has potential password leak
EventStoreDB (ESDB) is an operational database built to store events. A vulnerability has been identified in the projections subsystem in versions 20 prior to 20.10.6, 21 prior to 21.10.11, 22 prior to 22.10.5, and 23 prior to 23.10.1. Only database instances that use custom projections are affecte...
CVE-2024-26133
EventStoreDB (ESDB) projections subsystem vulnerability affects versions before 20.10.6, 21 before 21.10.11, 22 before 22.10.5, and 23 before 23.10.1, impacting only databases using custom projections. The issue can expose user passwords to actors with disk access to chunk files or system streams...
USN-6647-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-51780 It was...
CVE-2023-52435
A flaw was found in the Linux kernel’s net/core/skbuff.c subsystem. GSO_BY_FRAGS is a forbidden value, yet the following computation in skb_segment() can reach it: mss = mss * partial_segs, and many initial mss values can lead to a bad final result. Limit the segmentation so that the new ms...
CVE-2023-52439
A flaw was found in the Linux kernel’s uio subsystem. A use-after-free memory flaw in the uio_open functionality allows a local user to crash or escalate their privileges on the system. Mitigation: To mitigate this issue, prevent module uio from being loaded. Please see...
CVE-2023-52436
A flaw was found in the Linux kernel’s f2fs subsystem. When setting an xattr, explicitly null-terminate the xattr list. This eliminates the assumption that the unused xattr space is always zeroed...
PT-2024-21493 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc4-syzkaller-00267-g0f1dd5e91e2b. Description: A vulnerability has been resolved in the Linux kernel, specifically in the net subsystem, where a lockdep violation was reported by syzbot involving af_unix...
UBUNTU-CVE-2023-52439
In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open
core-1                          core-2
-------------------------------------------------------
uio_unregister_device           uio_open
                                idev = idr_find()
device_unregister(&idev->dev)
put_device(&idev->dev)
uio_device_release
                                get_device(&idev->dev)...
USN-6646-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-51780 It was...
kernel: HID: check empty report_list in hid_validate_values()
A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c
A flaw was found in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Bluetooth subsystem in the Linux kernel. This issue may allow a user to cause a use-after-free problem due to sk's children being mishandled...
kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()
A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...
kernel: inactive elements in nft_pipapo_walk
A use-after-free flaw was found in the Netfilter subsystem in the Linux kernel via the nft_pipapo_walk function. This issue may allow a local user with CAP_NET_ADMIN capability to trigger an application crash, information disclosure, or local privilege escalation...