930 matches found
GSD-2023-1000621 net: enetc: avoid buffer leaks on xdp_do_redirect() failure
net: enetc: avoid buffer leaks on xdpdoredirect failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
Authorization Bypass
xen is vulnerable to authorization bypass. The vulnerability exists while adding logic to support XDP eXpress Data Path, allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
kernel: igc: avoid kernel warning when changing RX ring parameters
In the Linux kernel, the following vulnerability has been resolved: igc: avoid kernel warning when changing RX ring parameters Calling ethtool changing the RX ring parameters like this: $ ethtool -G eth0 rx 1024 on igc triggers kernel warnings like this: 225.198467 ------------ cut here...
xdp-tools bug fix and enhancement update
An update is available for xdp-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9....
xdp-tools bug fix and enhancement update
An update is available for xdp-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8....
Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5648-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5648-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...
Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-5640-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5640-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.55 and fixes at least the following security issues: There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges CVE-2022-2318. Xen Block and...
CVE-2022-33743
An incomplete cleanup flaw was found in the Linux kernel’s Xen networking XDP eXpress Data Path subsystem. This flaw allows a local user to crash the system...
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
AZL-10107 CVE-2022-33743 affecting package kernel for versions less than 5.15.67.1-4
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
Path traversal
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed...
CVE-2022-33743
CVE-2022-33743 maps to a Xen netfront memory-handling issue in the Linux kernel where SKBs with retained references can be freed, caused by a label move while adding XDP support. This can lead to use-after-free in the network backend and a potential Denial of Service when interacting with the Xen...
network backend may cause Linux netfront to use freed SKBs
ISSUE DESCRIPTION While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs having references pointers retained for further processing to nevertheless be freed. IMPACT A misbehaving or malicious backend may cause a Denial of Service DoS in the guest...
new packages: xdp-tools
An update is available for xdp-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9....