12 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: BPF: Mark the bpf prog stack with kmsanunpoisonmemory in interpreter mode. SYZBOT reported uninit memory usage during maplookup,deleteelem. ========= BUG: KMSAN: uninitvalue in devmaplookupelem kernel/bpf/devmap.c:441 inline...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF, sockmap: Prevent lock inversion deadlock in mapdeleteelem operation. The syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Since BPF tracing programs can be invoked fr...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007315)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007315 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on t...
kernel: xsk: fix OOB map writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
AZL-55222 CVE-2024-56614 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
SUSE CVE-2024-35895
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...
SUSE CVE-2024-27011
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...
AZL-54581 CVE-2024-27011 affecting package kernel for versions less than 6.6.64.2-9
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...
AZL-54575 CVE-2024-27011 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...
DEBIAN-CVE-2024-27011
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...
UBUNTU-CVE-2024-27011
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...
Possibility of deadlock in libbpf function sock_hash_delete_elem
...