13 matches found
Siemens SIMATIC S7-1500 Use After Free (CVE-2024-56601)
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create(). sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling...
kernel: net: inet: do not leave a dangling sk pointer in inet_create()
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create(). sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling...
SUSE-SU-2025:1276-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005580 fixes one issue. The following security issue was fixed: - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218)...
CVE-2024-56600
CVE-2024-56600 (Linux kernel): The issue arises in inet6_create() where sock_init_data() attaches an allocated sk to the sock, and if inet6_create() later fails, the sock keeps a dangling sk pointer, risking use-after-free. The fix, as described, is to clear the sock’s sk pointer on error to pre...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inet6_create() in the net:afcan module not clearing the dangling sk pointer, which could lead to reuse after...
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). CVE-2024-43861: Fix memor...
CVE-2024-50293 net/smc: do not leave a dangling sk pointer in __smc_create()
In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in __smc_create(). Thanks to commit 4bbd360a5084 ("socket: Print pf->create() when it does not clear sock->sk on failure."), syzbot found an issue with AF_SMC: smc_create must clear sock->sk on failur...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419). CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). CVE-2024-36899:...
SUSE-SU-2024:3835-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails...
SUSE-SU-2024:3643-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002492 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). -...
Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001361 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808). CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). CVE-2024-40909: bpf:...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails. It is possible to trigger a use-after-free by: attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_cookie() helper; running traceroute -I...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails. It is possible to trigger a use-after-free by: attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_cookie() helper; running traceroute -I...