CVE-2022-48911

A use-after-free flaw was found in the Linux kernel's NetFilter functionality. This issue could allow a local user to crash the system or escalate their privileges on the system. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat...

CVE-2022-48911

CVE-2022-48911 affects the Linux kernel nf_queue path in the netfilter subsystem. The vulnerability arises from a use-after-free risk when skb/nf_queue handling interacts with sock_hold/sk_refcnt, potentially causing a stored packet to be mishandled; on failure the packet is dropped by the caller...

CVE-2022-48711 tipc: improve size validations for received domain records

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

CVE-2022-48711 tipc: improve size validations for received domain records

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

CVE-2024-26921

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

CVE-2024-26921 inet: inet_defrag: prevent sk release while still in use

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0026) (SACK Panic) (SACK Slowness)

The remote OracleVM system is missing necessary patches to address critical security updates : - Add CVE numbers for CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Chuck Anderson Orabug: 29890820 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 - tcp: fix...

Unbreakable Enterprise kernel security update

4.14.35-1818.1.6 - ipv4: frags: handle possible skb truesize change Eric Dumazet Orabug: 28481663 CVE-2018-5391 4.14.35-1818.1.5 - inet: frag: enforce memory limits earlier Eric Dumazet Orabug: 28481663 CVE-2018-5391 - init/main.c: reorder bootcpustateinit/smppreparebootcpu Mihai Carabas Orabug:...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-94.5.9 - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 4.1.12-94.5.8 - scsi: libiscsi: use kvzalloc for iscsipoolinit Kyle Fortin Orabug: 26621191 - mm: introduce kvmzalloc helpers Kyle Fortin Orabug: 26621191 - KEYS: Disallow keyrings beginning with '.' to be...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3509)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3509 advisory. - net: avoid signed overflows for SOSND|RCVBUFFORCE Eric Dumazet Orabug: 25203623 CVE-2016-9793 - tcp: fix use after free in tcpxmitretransmitqueue...

Oracle: Security Advisory (ELSA-2015-3073)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3108)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3108 advisory. - net: guard tcpsetkeepalive to tcp sockets Eric Dumazet Orabug: 20224099 CVE-2012-6657 - isofs: Fix unbounded recursion when processing relocated...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2010)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2010 advisory. - block check for proper length of iov entries earlier in blkrqmapuseriov Xiaotian Feng CVE-2010-4668 - scm: lower SCMMAXFD Eric Dumazet...

Ubuntu: Security Advisory (USN-1203-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.10 : linux-mvl-dove vulnerabilities (USN-1208-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...