Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fixed the null-ptr-deref in addruleerrflow. In the error flow of mlx5tcctentryaddrule, if the ctruleadd callback returns an error, zonerule-attr is used without initialization. This issue was fixed by using attr,...

EUVD-2019-5304

Malware in sbrugna...

UBUNTU-CVE-2023-53492

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not ignore genmask when looking up chain by id When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...

net/mlx5e: CT: Fix null-ptr-deref in add rule err flow

...

CVE-2024-53120

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5tcctentryaddrule, in case ctruleadd callback returns error, zonerule-attr is used uninitiated. Fix it to use attr which has the needed pointer value...

DEBIAN-CVE-2024-53120

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5tcctentryaddrule, in case ctruleadd callback returns error, zonerule-attr is used uninitiated. Fix it to use attr which has the needed pointer value...

UBUNTU-CVE-2024-53120

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5tcctentryaddrule, in case ctruleadd callback returns error, zonerule-attr is used uninitiated. Fix it to use attr which has the needed pointer value...

CVE-2024-53120

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5tcctentryaddrule, in case ctruleadd callback returns error, zonerule-attr is used uninitiated. Fix it to use attr which has the needed pointer value...

Vulnerability of components of Linux operating system’s kernel/mlx5, allowing a hacker to cause a service failure

The vulnerability of the net/mlx5 components of the Linux operating system’s kernel is related to incorrect initialization of a resource in the addrulefg function. Exploiting this vulnerability can allow an attacker to cause service failures...

SUSE CVE-2024-35960

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, createflowhandle tries hard to find and...

CVE-2019-14047

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

CVE-2018-16256

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering OptionsAdd Rule. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a...