CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2024-35971

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851irq thread may call ks8851rxpkts in case there are any packets in the MAC FIFO, which calls netifrx. This netifrx implementation is guarded by...

CVE-2024-26961 mac802154: fix llsec key resources release in mac802154_llsec_key_del

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...

CVE-2024-26600

In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement sendsrp, we may still attempt to call it. This can happen on an idle Ethernet gadget triggeri...