378 matches found
kernel: net: ena: Fix incorrect descriptor free behavior
This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...
kernel: net: ena: Fix incorrect descriptor free behavior
This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...
kernel: net: ena: Fix incorrect descriptor free behavior
This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...
PT-2024-27029 · Faronics · Winselect
Name of the Vulnerable Software and Affected Versions: Faronics WINSelect Standard + Enterprise affected versions not specified Description: The application saves its configuration in an encrypted file on the file system, which "Everyone" has read and write access to. The paths to the configurati...
PT-2024-29738 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.0-rc3+ Description: The issue is related to the handling of multi-buffer packets in the Linux kernel, specifically in the ionic run xdp function. When a jumbo frame is received, the function fails to proper...
CData Path Traversal
CData API Server 23.4.8844, CData Connect 23.4.8846, CData Arc 23.4.8839, CData Sync 23.4.8843 when running using the embedded Jetty server is affected by a vulnerability allowing an unauthenticated attacker to access unauthorized resources via a specially crafted request. No source data...
PT-2024-28424
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a potential kernel crash when multiple napi instances redirect to the same AF XDP socket. This can happen when the linked list of sockets to flush gets corrupted ...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the xdp module...
SUSE CVE-2021-47554
In the Linux kernel, the following vulnerability has been resolved: vdpasim: avoid putting an uninitialized iovadomain The system will crash if we put an uninitialized iovadomain, this could happen when an error occurs before initializing the iovadomain in vdpasimcreate. BUG: kernel NULL pointer...
DEBIAN-CVE-2021-47562
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi-txqmap's size is equal t...
UBUNTU-CVE-2021-47562
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi-txqmap's size is equal t...
kernel: ixgbe: Fix panic during XDP_TX with > 64 CPUs
A flaw was found in the Linux kernel's ixgbe network driver. On systems with more than 64 CPUs, XDPTX operations can cause a kernel panic due to an array-index-out-of-bounds access. The ixgbexdplockingkey variable can be incorrectly decremented to zero during ring reconfiguration, causing the...
AZL-56247 CVE-2022-48706 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: vdpa: ifcvf: Do proper cleanup if IFCVF init fails ifcvfmgmtdev leaks memory if it is not freed before returning. Call is made to correct return statement so memory does not leak. ifcvfinithw does not take care of this so it is...
UBUNTU-CVE-2022-48706
In the Linux kernel, the following vulnerability has been resolved: vdpa: ifcvf: Do proper cleanup if IFCVF init fails ifcvfmgmtdev leaks memory if it is not freed before returning. Call is made to correct return statement so memory does not leak. ifcvfinithw does not take care of this so it is...
CVE-2021-47363
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fibnexthop.sh exposed a possible division by zero while replacing a resilient group 1. The division by zero occurs when...
DEBIAN-CVE-2021-47363
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fibnexthop.sh exposed a possible division by zero while replacing a resilient group 1. The division by zero occurs when...
CVE-2021-47363
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fibnexthop.sh exposed a possible division by zero while replacing a resilient group 1. The division by zero occurs when...
SUSE CVE-2024-35958
In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by XDPREDIRECT or XDPT...
SUSE CVE-2024-35976
In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Make sure to validate setsockopt @optlen parameter. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the vdpa:ifcvf module...