Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reported a crash when processing large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X"...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006830)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006830 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of...

EUVD-2011-2323

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an overlapping expiration traversal issue in nftsetrbtree, which could lead to a memory leak and incorrect eleme...

CVE-2024-50024

In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that family: Oops: Kernel access of bad area, sig: 11 1 ... NIP c000000000c080bc...

CVE-2024-50024 net: Fix an unsafe loop on the list

In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that family: Oops: Kernel access of bad area, sig: 11 1 ... NIP c000000000c080bc...

The vulnerability of the CRI-O Container Engine’s application programming interface, a software platform for managing clusters of virtual machines in Kubernetes, arises from improper elimination of certain elements. This allows an attacker to perform arbitrary actions on the host system.

The vulnerability of the CRI-O Container Engine’s application programming interface, a software platform for managing clusters of virtual machines in Kubernetes, stems from the ability to introduce arbitrary properties through the Pod annotations of systemd. Exploiting this vulnerability allows a...

The vulnerability of the DCH-compatible Thunderbolt driver, related to incorrect elimination of special elements in the output data, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2024-27011 netfilter: nf_tables: fix memleak in map from abort path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

SUSE CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...

DEBIAN-CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...

CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...

CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...

CVE-2024-26924 netfilter: nft_set_pipapo: do not free live element

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...

CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...

SUSE-SU-2023:4260-1 Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059130 fixes several issues. The following security issues were fixed: - CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation bsc1215440. - CVE-2023-4147: Fixed...

LSN-0098-1: Kernel Live Patch Security Notice

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-3090 It...

kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nftpipaporemove function with the element, without a NFTSETEXTKEYEND. This issue could allow a local user to crash the system or potentially escalate their privileges on the system...

USN-6330-1: Linux kernel (GCP) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

SUSE CVE-2011-3658

The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via vectors involving...