9 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via isdead instead of empty list If all peers ar...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26951)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26951 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for...
CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26951)
The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26951 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for...
CVE-2024-26951 affecting package hyperv-daemons for versions less than 6.6.35.1-1
CVE-2024-26951 affecting package hyperv-daemons for versions less than 6.6.35.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-26951 affecting package hyperv-daemons for versions less than 5.15.158.1-1
CVE-2024-26951 affecting package hyperv-daemons for versions less than 5.15.158.1-1. An upgraded version of the package is available that resolves this issue...
SUSE-SU-2024:1659-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-26760: Fixed scsi/target/pscsi bioput for error case bsc1222596. - CVE-2024-27389: Fixed pstore inode handling with dinvalidate bsc1223705. - CVE-2024-27062...
SUSE CVE-2024-26951
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via isdead instead of empty list If all peers are removed via wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list with a head on the stack of...
CVE-2024-26951
CVE-2024-26951 (Linux kernel, WireGuard) : The bug occurs in the netlink dump when peers are removed with wg_peer_remove_all(): a cursored peer that has been removed can lead to iterating freed peers, causing a use-after-free. The fix changes the check from an empty peer_list to the dedicated is_...
CVE-2024-26951 wireguard: netlink: check for dangling peer via is_dead instead of empty list
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via isdead instead of empty list If all peers are removed via wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list with a head on the stack of...