SUSE SLES15 Security Update : kernel (Live Patch 43 for SLE 15 SP3) (SUSE-SU-2024:1738-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1738-1 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb-macheader If an AFPACKE...

CVE-2024-26834

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

CVE-2024-26834

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

UBUNTU-CVE-2024-26834

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

CVE-2024-26834 netfilter: nft_flow_offload: release dst in case direct xmit path is used

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

CVE-2024-26834 netfilter: nft_flow_offload: release dst in case direct xmit path is used

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

CVE-2024-26834

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

CVE-2024-26834 netfilter: nft_flow_offload: release dst in case direct xmit path is used

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...

CVE-2024-26834

The CVE-2024-26834 entry concerns the Linux kernel netfilter NFT_FLOW_OFFLOAD path. TECHNICAL DETAILS (from connected docs): Direct xmit path avoids calling dst_release() due to using dev_queue_xmit(), leaving a kmemleak-reported unreferenced object and a route stack path that can affect packet r...