188 matches found
UBUNTU-CVE-2024-40961
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6nhinit syzbot reminds us that in6devget can return NULL. fib6nhinit ip6validategw &idev ip6routechecknh idev idev = in6devgetdev; // can be NULL Oops: general protection fault, probably fo...
The vulnerability of the __fib6_rule_action() function in the Linux operating system’s IPv6 kernel implementation allows a hacker to induce a service failure.
The vulnerability of the fib6ruleaction function in the net/ipv6/fib6rules.c module of the Linux operating system’s IPv6 kernel implementation is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver, resulting in a PCIe link disconnect. CVE-2022-3169 A vulnerability classified as...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk-maxrecvmsglen CVE-2023-53824 In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial CVE-2024-26900 In the Linux kernel, the...
ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
...
UBUNTU-CVE-2024-36902
In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. 1 Oops: general...
SUSE CVE-2021-47546
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6rulesuppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppressprefix rule is present in the IPv6 routing rules used by certain tools such as wg-quick. I...
CVE-2021-47546
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6rulesuppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppressprefix rule is present in the IPv6 routing rules used by certain tools such as wg-quick. I...
UBUNTU-CVE-2021-47546
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6rulesuppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppressprefix rule is present in the IPv6 routing rules used by certain tools such as wg-quick. I...
SUSE CVE-2021-47363
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fibnexthop.sh exposed a possible division by zero while replacing a resilient group 1. The division by zero occurs when...
DEBIAN-CVE-2021-47363
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fibnexthop.sh exposed a possible division by zero while replacing a resilient group 1. The division by zero occurs when...
SUSE CVE-2024-36008
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...
AZL-42243 CVE-2024-36008 affecting package kernel for versions less than 5.15.158.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...
AZL-42166 CVE-2024-36008 affecting package kernel for versions less than 6.6.35.1-4
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...
UBUNTU-CVE-2024-35886
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from an error in the fib6nhflushexceptions method of the ipv6 module...
fib-advies.nl Improper Access Control vulnerability OBB-3866256
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the fib_rules_lookup() function in the Linux operating system’s IPv6 kernel module allows a hacker to cause a service failure.
The vulnerability of the fibruleslookup function in the Linux IPv6 kernel module is related to access to resources through incompatible types when processing the values of rt6info and fib6info in the arg.result parameter. Exploiting this vulnerability could allow an attacker to cause a service...
UBUNTU-CVE-2023-3022
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times fib6info. This was not accounted for in other parts of the code where rt6info was expected unconditionally, potentially leading to a kerne...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux Kernel has a code issue vulnerability that stems from a flaw in the IPv6 module where arg.result is used inconsistently in fib6rulelookup, sometimes holding rt6info and...