9 matches found
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Network layer: Do not leave a dangling “sk” pointer when socket creation fails. It is possible to trigger a use-after-free by: - Attaching a “fentry” probe to sockrelease and the probe that calls bpfgetsocketcookie; - Running...
CVE-2024-40954
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
UBUNTU-CVE-2024-40954
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
CVE-2024-40954
The CVE-2024-40954 entry concerns a Linux kernel UAF: a dangling sk pointer may be created on socket creation failure when an fentry probe hits __sock_release() and bpf_get_socket_cookie() is invoked, enabling a use-after-free in __sock_gen_cookie. Reproducing scenario described via traceroute -I...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
CVE-2024-40954
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
PT-2024-6978
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.0-rc2+ Description The vulnerability is related to a use-after-free issue in the Linux kernel's networking code. It can be triggered by attaching an fentry probe to sock release and the probe calling the bpf...
PT-2025-37662
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak can occur in the Linux kernel due to a failure during the attachment of fentry probes. When the attachment fails, the allocated bpf trampoline image remains in the system, ...