Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of link-type in bpflinkshowfdinfo If a newly added link type does not invoke BPFLINKTYPE, accessing bpflinktypestrslink-type may lead to an out-of-bounds access. To detect such missed invocations early on,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Support for deferring bpflink deallocation to after RCU grace period For some program types, the “link” is passed as a “context” that can be used by those BPF programs to retrieve additional information. For example, for...

UBUNTU-CVE-2022-50219

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix KASAN use-after-free Read in computeeffectiveprogs Syzbot found a Use After Free bug in computeeffectiveprogs. The reproducer creates a number of BPF links, and causes a fault injected alloc to fail, while calling...

Linux Distros Unpatched Vulnerability : CVE-2024-35860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: support deferring bpflink dealloc to after RCU grace period BPF link for some program types is passed as a context which can be used by those BPF programs ...

CLSA-2025-1739525795 kernel: Fix of 24 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - wifi: ath9k: add range check for connrspepid in htcconnectservice CVE-2024-53156 - xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a...

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie bsc1229275. CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio:...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on exfatgetdentryset CVE-2024-42315 In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev-desc-info instead of calling i3cdevicegetinfo to avoid deadlock...

CVE-2024-56786

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-56786

...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP6) (SUSE-SU-2024:4209-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4209-1 advisory. This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-43861: Fix memory...

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. CVE-2023-52752: smb: client: fix...

SUSE CVE-2024-53099

In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link-type in bpflinkshowfdinfo If a newly-added link type doesn't invoke BPFLINKTYPE, accessing bpflinktypestrslink-type may result in an out-of-bounds access. To spot such missed invocations early in the...

AZL-54595 CVE-2024-53099 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link-type in bpflinkshowfdinfo If a newly-added link type doesn't invoke BPFLINKTYPE, accessing bpflinktypestrslink-type may result in an out-of-bounds access. To spot such missed invocations early in the...

AZL-54626 CVE-2024-53099 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link-type in bpflinkshowfdinfo If a newly-added link type doesn't invoke BPFLINKTYPE, accessing bpflinktypestrslink-type may result in an out-of-bounds access. To spot such missed invocations early in the...

CVE-2024-53099 bpf: Check validity of link->type in bpf_link_show_fdinfo()

In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link-type in bpflinkshowfdinfo If a newly-added link type doesn't invoke BPFLINKTYPE, accessing bpflinktypestrslink-type may result in an out-of-bounds access. To spot such missed invocations early in the...

SUSE CVE-2024-50123

In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPFLINKTYPE invocation for sockmap There is an out-of-bounds read in bpflinkshowfdinfo for the sockmap link fd. Fix it by adding the missing BPFLINKTYPE invocation for sockmap link Also add comments for...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the bpf module, where an out-of-bounds read problem exists for sockmap linked file descriptors, and is...

SUSE CVE-2024-40909

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpflinkfree After commit 1a80dbcb2dba, bpflink can be freed by link-ops-deallocdeferred, but the code still tests and uses link-ops-dealloc afterward, which leads to a use-after-free as...

UBUNTU-CVE-2024-40909

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpflinkfree After commit 1a80dbcb2dba, bpflink can be freed by link-ops-deallocdeferred, but the code still tests and uses link-ops-dealloc afterward, which leads to a use-after-free as...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a post-release reuse issue in the bpf component in the bpflinkfree function...