188 matches found
CVE-2025-38588 ipv6: prevent infinite loop in rt6_nlmsg_size()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...
CVE-2025-38587 ipv6: fix possible infinite loop in fib6_info_uses_dev()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible infinite loop in fib6infousesdev fib6infousesdev seems to rely on RCU without an explicit protection. Like the prior fix in rt6nlmsgsize, we need to make sure fib6delroute or fib6addrt2node have not removed the...
Linux Distros Unpatched Vulnerability : CVE-2021-47546
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6rulesuppress The kernel leaks memory when a fib rule is present...
Linux Distros Unpatched Vulnerability : CVE-2023-52996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type...
The vulnerability in the `drivers/net/netdevsim/fib.c` component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/net/netdevsim/fib.c component of the Linux operating system is related to reading data from the buffer beyond its allowable limits. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the fib_metrics_match() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the fibmetricsmatch function in the Linux operating system’s kernel is related to the lack of memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...
kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. 1 Oops: general...
The vulnerability of the fib4_rule_action() function in the net/ipv4/fibRules.c module of the IPv4 protocol implementation in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the fib4ruleaction function in the net/ipv4/fibrules.c module of the Linux operating system’s IPv4 kernel implementation is related to improper memory release before deleting the last pointer memory leak. Exploiting this vulnerability could allow an attacker to cause a servic...
SUSE CVE-2023-52996
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
DEBIAN-CVE-2023-52996
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
UBUNTU-CVE-2023-52996
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
CVE-2023-52996 ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a Spectre v1 attack risk in fibmetricsmatch...
SUSE CVE-2022-49580
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49637
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed concurrently. So, we need to add READONCE to avoid a data-race...
CVE-2022-49576
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctlfibmultipathhashfields. While reading sysctlfibmultipathhashfields, it can be changed concurrently. Thus, we need to add READONCE to its readers...
UBUNTU-CVE-2022-49576
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctlfibmultipathhashfields. While reading sysctlfibmultipathhashfields, it can be changed concurrently. Thus, we need to add READONCE to its readers...
UBUNTU-CVE-2022-49092
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...
CVE-2022-49637
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed concurrently. So, we need to add READONCE to avoid a data-race...
CVE-2022-49580
The CVE-2022-49580 entry describes a data-race in the Linux kernel IPv4 path around reading sysctl_fib_multipath_use_neigh, which could be changed concurrently. The referenced fix adds READ_ONCE() to the reader to guard against concurrent modification. Affected software is the Linux kernel (IPv4 ...