126 matches found
AZL-49167 CVE-2024-46677 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfdlookup fails, gtpencapenablesocket returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it by returning an error point...
SUSE CVE-2024-44070
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
AZL-47868 CVE-2024-44070 affecting package frr for versions less than 9.1.1-2
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
UBUNTU-CVE-2024-44070
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
FRRouting 安全漏洞
FRRouting is the FRRouting open source suite of network routing software that runs on Unix-like platforms. A security vulnerability exists in FRRouting versions 10.1 and earlier, which stems from bgpattrencap in bgpd/bgpattr.c that does not check the actual remaining stream length before obtainin...
PT-2024-33782
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible tunnel refcount underflow in the Linux kernel's l2tp module. When a session is created, it sets a backpointer to its tunnel, and when the session...
SUSE CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47309
In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...
DEBIAN-CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
UBUNTU-CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
UBUNTU-CVE-2021-47309
In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...
CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247 net/mlx5e: Fix use-after-free of encap entry in neigh update handler
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247
CVE-2021-47247 is a Linux kernel use-after-free in the mlx5e_encap_take path during neigh update, caused by improper handling when encap entries are concurrently inserted/deleted after rtnetlink lock changes. The issue is documented in upstream kernel notes and is listed in Debian’s DLA-4178-1 ad...
CVE-2021-47247 net/mlx5e: Fix use-after-free of encap entry in neigh update handler
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47199
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT, Fix multiple allocations and memleak of mod acts CT clear action offload adds additional mod hdr actions to the flow's original mod actions in order to clear the registers which hold ctstate. When such flow also...
CVE-2021-47199
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT, Fix multiple allocations and memleak of mod acts CT clear action offload adds additional mod hdr actions to the flow's original mod actions in order to clear the registers which hold ctstate. When such flow also...
CVE-2021-47199
The CVE-2021-47199 issue in the Linux kernel's mlx5e CT offload layer causes a memleak of mod hdr actions due to CT clear action offload flow handling. Specifically, CT clear action offload adds the same set of mod hdr actions to reset ct_state when an encap action is present, potentially repeati...