186 matches found
CVE-2022-49576
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctlfibmultipathhashfields. While reading sysctlfibmultipathhashfields, it can be changed concurrently. Thus, we need to add READONCE to its readers...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the presence of data contention in sysctlfibmultipathhashfields...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. ctl is a tool of the FreeBSD Foundation . Provides SCSI target device emulation. A security vulnerability exists in Linux kernel that stems from the presence of data...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: fib6rules: avoided possible NULL dereferencing in fib6ruleaction. syzbot is capable of triggering the following crashes 1, caused by the unsafe use of ip6dstidev. Indeed, ip6dstidev can return NULL, and this value must...
SUSE CVE-2024-56751
In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregisternetdevice: waiting for vethA-R1 to become free. Usage count = 6 reftracker:...
AZL-54764 CVE-2024-56751 affecting package kernel for versions less than 5.15.182.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregisternetdevice: waiting for vethA-R1 to become free. Usage count = 6 reftracker:...
AZL-54854 CVE-2024-56751 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregisternetdevice: waiting for vethA-R1 to become free. Usage count = 6 reftracker:...
UBUNTU-CVE-2024-56703
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6selectpath under high next hop churn Soft lockups have been observed on a cluster of Linux-based edge routers located in a highly dynamic environment. Using the bird service, these routers continuous...
DEBIAN-CVE-2024-56646
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in modifyprefixroute syzbot found a NULL deref 1 in modifyprefixroute, caused by one fib6info without a fib6table pointer set. This can happen for net-ipv6.fib6nullentry 1 Oops: general protection...
kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. 1 Oops: general...
PT-2024-37063
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, involving IPv6 and device removal. The issue occurred during device removal in the pmtu.sh self-test, causing an aperiodic hangup...
SUSE CVE-2022-48999
In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fibinfo contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fibnhmatch: fibnhmatch+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fibsemantics.c:961...
DEBIAN-CVE-2022-48999
In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fibinfo contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fibnhmatch: fibnhmatch+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fibsemantics.c:961...
UBUNTU-CVE-2022-48999
In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fibinfo contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fibnhmatch: fibnhmatch+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fibsemantics.c:961...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a multipath routing issue in the ipv4 subsystem that attempts to remove a fibinfo containing an nh reference...
kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. 1 Oops: general...
kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. 1 Oops: general...
DEBIAN-CVE-2024-40905
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in fib6droppcpufrom syzbot found a race in fib6droppcpufrom 1 If compiler reads more than once ppcpurt, second read could read NULL, if another cpu clears the value in rt6getpcpuroute. Add a READONCE to...
UBUNTU-CVE-2024-40961
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6nhinit syzbot reminds us that in6devget can return NULL. fib6nhinit ip6validategw &idev ip6routechecknh idev idev = in6devgetdev; // can be NULL Oops: general protection fault, probably fo...
The vulnerability of the __fib6_rule_action() function in the Linux operating system’s IPv6 kernel implementation allows a hacker to induce a service failure.
The vulnerability of the fib6ruleaction function in the net/ipv6/fib6rules.c module of the Linux operating system’s IPv6 kernel implementation is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...