35 matches found
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks Victor Nogueira Orabug: 39362005 CVE-2026-23270 - KVM: x86: disable preemption around the call to...
AlmaLinux 9 : kernel (ALSA-2026:13565)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13565 advisory. kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state CVE-2026-23136 kernel: Linux kernel: Use-after-free in...
DEBIAN-CVE-2026-23270
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
CVE-2026-23270
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
CVE-2026-23270 net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient restrictions on actct bindings. This vulnerability could lead to reusing after relea...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the actct module not releasing old ct entry references when switching region or network namespaces, which could...
Oracle Linux 9 : kernel (ELSA-2024-8162)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8162 advisory. - gfs2: Fix NULL pointer dereference in gfs2logflush CKI Backport Bot RHEL-51561 RHEL-51559 CVE-2024-42079 - KVM: SVM: WARN on vNMI + NMI window iff NM...
SUSE-SU-2024:3569-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done bsc1229607. - CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance. bsc122963...
CVE-2024-42272
In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...
CVE-2024-42272
In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...
DEBIAN-CVE-2024-42272
In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...
CVE-2024-42272
In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...
CVE-2024-42272 sched: act_ct: take care of padding in struct zones_ht_key
In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...
CVE-2024-42272
The connected IBM Security Bulletin confirms CVE-2024-42272 as a Linux kernel issue fixed in sched: act_ct. The root cause was the padding in zones_ht_key after a patch widened the rhashtable key from 2 to 16 bytes; rhashtable_lookup() could read uninitialized padding bytes. The fix ensures paddi...
CVE-2023-52610
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix skb leak and crash on ooo frags actct adds skb-users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inetfragreasmprepare skbmorph which is not straightforward. Howev...
CVE-2023-52610
CVE-2023-52610 is a Linux kernel vulnerability in the net/sched: act_ct path. The issue arises when defragmenting fragments (ooo frag) where skb references are mishandled, leaking skb buffers and potentially crashing the kernel when skb is cloned/shared. The root cause is the previous use of skb_...
CVE-2021-47014
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
CVE-2021-47014
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
CVE-2021-47014
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...