17 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEVSTATSINC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev-stats.txerror concurrently. This is because sit tunnels are NETIFFLLTX, meaning their ndostartxmit is not protected by a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Memory corruption occurs when using the identity domain. zpcigetiommuctrs returns counter information that needs to be reported as part of device statistics. These counters are stored as part of the s390domain. Howeve...
CVE-2022-50764
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEVSTATSINC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev-stats.txerror concurrently. This is because sit tunnels are NETIFFLLTX, meaning their ndostartxmit is not protected by a...
CVE-2022-50764
The CVE-2022-50764 entry concerns a Linux kernel issue in ipv6/sit where dev->stats.tx_error data-races occur because sit tunnels are NETIF_F_LLTX and not protected by a spinlock. The root cause is multiple CPUs updating tx_error concurrently, with the fix implemented as DEV_STATS_INC() to avo...
EUVD-2025-32396
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fix memory corruption when using identity domain zpcigetiommuctrs returns counter information to be reported as part of device statistics; these counters are stored as part of the s390domain. The problem, however, is...
CVE-2025-39939
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fix memory corruption when using identity domain zpcigetiommuctrs returns counter information to be reported as part of device statistics; these counters are stored as part of the s390domain. The problem, however, is...
CVE-2025-39939
The CVE-2025-39939 issue affects the Linux kernel (iommu/s390) where zpci_get_iommu_ctrs() could read a bad address for identity-domain devices, causing memory corruption. The root cause is that identity domains are not backed by an s390_domain, leading to an invalid to_s390_domain() result and o...
CVE-2025-39939 iommu/s390: Fix memory corruption when using identity domain
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fix memory corruption when using identity domain zpcigetiommuctrs returns counter information to be reported as part of device statistics; these counters are stored as part of the s390domain. The problem, however, is...
UBUNTU-CVE-2023-53393
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5ibgethwstats when used for device Currently, when mlx5ibgethwstats is used for device portnum = 0, there is a special handling in order to use the correct counters, but, portnum is being passed down the stack...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
SUSE CVE-2023-52578
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
FiberHome LM53Q1 - Multiple Vulnerabilities
Exploit for hardware platform in category web applications !/usr/bin/python Exploit Title: FiberHome MIFI LM53Q1 Multiple Vulnerabilities Exploit Author: Ibad Shah Vendor Homepage: www.fiberhome.com Version: VH519R05C01S38 Tested on: Linux Platform : Hardware CVE : CVE-2017-16885, CVE-2017-16886,...