405 matches found
CVE-2024-43910
In the Linux kernel, the following vulnerability has been resolved: bpf: add missing checkfuncargregoff to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONSTPTRTODYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can...
CVE-2024-43910
In the Linux kernel, the following vulnerability has been resolved: bpf: add missing checkfuncargregoff to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONSTPTRTODYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can...
CVE-2024-43910 bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses
In the Linux kernel, the following vulnerability has been resolved: bpf: add missing checkfuncargregoff to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONSTPTRTODYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can...
CVE-2024-43910 bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses
In the Linux kernel, the following vulnerability has been resolved: bpf: add missing checkfuncargregoff to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONSTPTRTODYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can...
CVE-2024-43910
In the Linux kernel, the following vulnerability has been resolved: bpf: add missing checkfuncargregoff to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONSTPTRTODYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can...
CVE-2022-48883
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent A user is able to configure an arbitrary number of rx queues when creating an interface via netlink. This doesn't work for child PKEY interfaces because the...
CVE-2022-48883
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent A user is able to configure an arbitrary number of rx queues when creating an interface via netlink. This doesn't work for child PKEY interfaces because the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the wifi:ath12k module driver sharing the same ring mask index with the monitor ring and the reo reinjection...
wireguard: allowedips: avoid unaligned 64-bit memory accesses
...
netlabel: fix out-of-bounds memory accesses
...
CVE-2024-42247
In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swapendian tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned...
CVE-2024-42247 wireguard: allowedips: avoid unaligned 64-bit memory accesses
In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swapendian tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned...
CVE-2024-42247 wireguard: allowedips: avoid unaligned 64-bit memory accesses
In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swapendian tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned...
SUSE-SU-2024:2754-1 Security update for skopeo
This update for skopeo fixes the following issues: Update to version 1.14.4: - CVE-2024-3727: Fixed a vulnerability that allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, resource exhaustion, local path traversal and other attacks. bsc1224123...
CVE-2022-48805
In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179178a: Fix out-of-bounds accesses in RX fixup ax88179rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...
CVE-2022-48822
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of composition switch and at the same time ffsepfilerelease get called from userspace. ffsepfilerelease will fr...
CVE-2022-48822
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of composition switch and at the same time ffsepfilerelease get called from userspace. ffsepfilerelease will fr...
CVE-2022-48805
In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179178a: Fix out-of-bounds accesses in RX fixup ax88179rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...
CVE-2022-48822
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of composition switch and at the same time ffsepfilerelease get called from userspace. ffsepfilerelease will fr...
CVE-2022-48822
CVE-2022-48822 — Linux kernel usb f_fs use-after-free (epfile) Technical summary: A race between ffs_func_eps_disable (which uses a local copy of epfiles) and ffs_epfile_release can lead to use-after-free of the epfile read buffer. While ffs_epfile_release frees the buffer and destroys ffs->ep...