CVE-2023-53103

CVE-2023-53103 affects the Linux kernel bonding subsystem. A bug in the enslave/error path could clear the bond’s IFF_SLAVE/IFF_MASTER flags when an enslave of a non-ethernet device fails, causing inconsistent bond state. The fix uses bond_ether_setup to restore the bond’s flags correctly, ensuri...

CVE-2023-52784

In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...

CVE-2023-52784 bonding: stop the device in bond_setup_by_slave()

In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...

CVE-2023-52784

CVE-2023-52784 concerns the Linux kernel bonding subsystem. The issue arises when a lapbether device is created on a bonding device with no members, and adding a non-ARPHRD_ETHER member forces the bonding master to change type, potentially leading to misuse of devices. The documented fix is to ca...

CVE-2023-52784

In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...

CVE-2023-52784 bonding: stop the device in bond_setup_by_slave()

In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...

kernel: Local denial of service in bond_ipsec_add_sa

A NULL pointer dereference flaw was found in the Linux kernel’s bonding driver in the way a user bonds non existing or fake device. This flaw allows a local user to crash the system, causing a denial of service...

NetworkManager bug fix and enhancement update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

RedHat Update for initscripts RHSA-2012:0312-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

kernel security update

CentOS Errata and Security Advisory CESA-2010:0398 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...

openSUSE 10 Security Update : kernel (kernel-5339)

This kernel update fixes the following security problems: CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. CVE-2008-1615: On x8664 a denial of service attack could be used by local attackers to immediately panic / crash the...