2033 matches found
CVE-2024-38612 ipv6: sr: fix invalid unregister error path
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6init is wrong in case CONFIGIPV6SEG6LWTUNNEL is not defined. In that case if seg6hmacinit fails, the genlunregisterfamily isn't called. This issue exist since comm...
CVE-2024-38612 ipv6: sr: fix invalid unregister error path
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6init is wrong in case CONFIGIPV6SEG6LWTUNNEL is not defined. In that case if seg6hmacinit fails, the genlunregisterfamily isn't called. This issue exist since comm...
CVE-2024-38612
CVE-2024-38612 affects the Linux kernel; the flaw is in the ipv6 SR (seg6) unregister path. The error path in seg6_init() can skip genl_unregister_family() if CONFIG_IPV6_SEG6_LWTUNNEL is not defined and seg6_hmac_init() fails, due to a changed cleanup path (unregister_pernet_subsys() replaced by...
CVE-2024-38612
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6init is wrong in case CONFIGIPV6SEG6LWTUNNEL is not defined. In that case if seg6hmacinit fails, the genlunregisterfamily isn't called. This issue exist since comm...
UBUNTU-CVE-2024-36967
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2keyencode 'scratch' is never freed. Fix this by calling kfree in the success, and in the error case...
RHEL 7 : nutch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions...
SUSE CVE-2024-36886
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...
DEBIAN-CVE-2024-36954
In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...
DEBIAN-CVE-2024-36886
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...
CVE-2024-36886
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...
CVE-2024-36942
...
CVE-2024-36886 tipc: fix UAF in error path
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...
CVE-2024-36886 tipc: fix UAF in error path
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...
SUSE CVE-2023-52703
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...
kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
A use-after-free flaw was found in the Linux kernel’s Qualcomm Gigabit Ethernet Media Access Controller EMAC driver in how a user triggers an error path in the emactxfilltpd function. This flaw allows a local user to crash or potentially escalate their privileges on the system...
SUSE CVE-2021-47564
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in presterabridgeportjoin that cases prestera driver to crash see below. Trace: Internal error: Oops: 96000044 1 SMP Modules linked in: presterapci...
kernel: netfilter: nf_tables: possible module reference underflow in error path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: possible module reference underflow in error path dst-ops is set on when nftexprclone fails, but module refcount has not been bumped yet, therefore nftexprdestroy leads to module reference underflow...
SUSE CVE-2021-47572
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled !CONFIGIPV6 we'll hit a NULL pointer dereference1 in the error path of nhcreateipv6 due to calling...
CVE-2021-47564
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in presterabridgeportjoin that cases prestera driver to crash see below. Trace: Internal error: Oops: 96000044 1 SMP Modules linked in: presterapci...
CVE-2021-47473
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00processels Commit 8c0eb596baa5 "SCSI qla2xxx: Fix a memory leak in an error path of qla2x00processels", intended to change: bsgjob-request-msgcode == FCBSGHSTELSNOLOGIN...