481 matches found
CVE-2024-26734
A vulnerability was found in the devlinkinit function in the Linux kernel. Use-after-free and memory leak issues can occur due to an incorrect order of initialization and cleanup in case of errors. This issue could lead to memory corruption or crashes...
CVE-2024-26734
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlinkinit The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful...
DEBIAN-CVE-2024-26734
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlinkinit The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful...
UBUNTU-CVE-2024-26734
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlinkinit The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful...
CVE-2024-26734 devlink: fix possible use-after-free and memory leaks in devlink_init()
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlinkinit The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful...
CVE-2024-26734 devlink: fix possible use-after-free and memory leaks in devlink_init()
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlinkinit The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful...
CVE-2024-26734
CVE-2024-26734 affects the Linux kernel devlink subsystem. The issue arises from use-after-free and memory leaks in devlink_init() due to the ordering of registration: the pernet operations structure must be registered before the generic netlink family, and a proper unregister path is needed if r...
CVE-2024-26734
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlinkinit The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful...
SUSE CVE-2021-47158
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105setup If any of sja1105staticconfigload, sja1105clockingsetup or sja1105devlinksetup fails, we can't just return in the middle of sja1105setup or memory will leak. Add a cleanup pat...
DEBIAN-CVE-2021-47158
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105setup If any of sja1105staticconfigload, sja1105clockingsetup or sja1105devlinksetup fails, we can't just return in the middle of sja1105setup or memory will leak. Add a cleanup pat...
SUSE CVE-2024-26587
In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsiminitnetdevsim, which is only called if nsimdevportispf. Create a counterpart of nsiminitnetdevsim and move the mockphcdestroy there. This fixes a crash...
kernel: use-after-free after failed devlink reload in devlink_param_get
A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of...
kernel: devlink: hold region lock when flushing snapshots
In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlinkregionsnapshotdel+0x12e/0x140 CPU...
PT-2025-49732
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-319.el9.x86 64 1 Description The Linux kernel contained an issue where devlink port type warn would schedule a warning when a devlink port type was not set, but the warning did not clearly indicate which...
CLSA-2023-1686651204 kernel: Fix of 25 CVEs
cgroup: Use open-time cgroup namespace for process migration perm checks CVE-2021-4197 - cgroup: Use open-time credentials for process migraton perm checks CVE-2021-4197 - vt: drop old FONT ioctls CVE-2021-33656 - fbmem: Check virtual screen sizes in fbsetvar CVE-2021-33655 - fbcon: Prevent that...
kernel: use-after-free after failed devlink reload in devlink_param_get
A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of...
kernel: use-after-free after failed devlink reload in devlink_param_get
A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of...
kernel: use-after-free after failed devlink reload in devlink_param_get
A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of...
kernel: net/mlx5: Fix command stats access after free
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command stats access after free Command may fail while driver is reloading and can't accept FW commands till command interface is reinitialized. Such command failure is being logged to command stats. This results in...