AZL-49211 CVE-2024-45016 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netemenqueue introduced by commit 5845f706388a "net: netem: fix skb length BUGON in skbtosgvec" that can lead to a use-after-free. This commit made netemenqueue...

DEBIAN-CVE-2024-45016

In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netemenqueue introduced by commit 5845f706388a "net: netem: fix skb length BUGON in skbtosgvec" that can lead to a use-after-free. This commit made netemenqueue...

AZL-49239 CVE-2024-45016 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netemenqueue introduced by commit 5845f706388a "net: netem: fix skb length BUGON in skbtosgvec" that can lead to a use-after-free. This commit made netemenqueue...

UBUNTU-CVE-2024-45016

In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netemenqueue introduced by commit 5845f706388a "net: netem: fix skb length BUGON in skbtosgvec" that can lead to a use-after-free. This commit made netemenqueue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the schedfork function opening up competition with system calls by not placing tasks in the run queue...

kernel: net: netlink: af_netlink: Prevent empty skb by adding a check on len.

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netemenqueue function which is caused when skb-len=0 and skb-datalen=0 in...

PT-2024-36890

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A warning is triggered in the Linux kernel when running a specific command, due to a task being boosted and having its parameters set by rt mutex setprio, making a new call to setup new dl enti...

DEBIAN-CVE-2021-47606

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netemenqueue function which is caused when skb-len=0 and skb-datalen=0 in...

UBUNTU-CVE-2021-47606

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netemenqueue function which is caused when skb-len=0 and skb-datalen=0 in...

bpf skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue

...

SUSE CVE-2022-3586

A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the schsfb enqueue function used the socket buffer SKB cb field after the same SKB had been enqueued and freed into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing...

SUSE CVE-2024-36938

In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in skpsockskbingressenqueue Fix NULL pointer data-races in skpsockskbingressenqueue which syzbot reported 1. 1 BUG: KCSAN: data-race in skpsockdrop / skpsockskbingressenqueue write to...

SUSE CVE-2023-52855

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In dwc2hcdurbenqueue, "urb-hcpriv = NULL" is executed without holding the lock "hsotg-lock". In dwc2hcdurbdequeue: spinlockirqsave&hsotg-lock, flags;...

UBUNTU-CVE-2023-52855

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In dwc2hcdurbenqueue, "urb-hcpriv = NULL" is executed without holding the lock "hsotg-lock". In dwc2hcdurbdequeue: spinlockirqsave&hsotg-lock, flags;...

PT-2024-11222 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0+ Description: The issue is related to an out-of-bounds access in the traffic path of the Linux kernel's fq pie module. This occurs when the fq pie qdisc enqueue function attempts to access memory beyond t...

UBUNTU-CVE-2021-46998

In the Linux kernel, the following vulnerability has been resolved: ethernet:enic: Fix a use after free bug in enichardstartxmit In enichardstartxmit, it calls enicqueuewqskb. Inside enicqueuewqskb, if some error happens, the skb will be freed by devkfreeskbskb. But the freed skb is still used in...

Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion

A denial of service flaw was found in atmtcenqueue in net/sched/schatm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TCACTSHOT condition rather than valid classification results...

what3words Address Field < 4.0.0 - Admin+ Sensitive Information Disclosure

Description A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueuescripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. T...

WordPress Plugin What3words Autosuggest 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure vulnerabilit...

PT-2023-12541 · What3Words · What3Words Autosuggest Plugin

Name of the Vulnerable Software and Affected Versions: what3words Autosuggest Plugin versions up to 4.0.0 Description: A vulnerability has been found in the what3words Autosuggest Plugin, classified as problematic. The issue affects the enqueue scripts function of the file...