EUVD-2024-53296

Malicious code in bioql PyPI...

CVE-2023-53462

In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problem. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:601 inli...

CVE-2023-53462 hsr: Fix uninit-value access in fill_frame_info()

In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problem. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:601 inli...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an uninitialized value access in the fillframeinfo function, which could lead to memory corruption...

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001023 fixes one issue. The following security issue was fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

AZL-54818 CVE-2024-56648 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

CVE-2024-56648 net: hsr: avoid potential out-of-bound access in fill_frame_info()

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

CVE-2024-56648 net: hsr: avoid potential out-of-bound access in fill_frame_info()

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

CVE-2024-56648

Overview: CVE-2024-56648 is a Linux kernel vulnerability in the HSR net path that is resolved by extending bounds checking in fill_frame_info(). Affected component: Linux kernel, net/hsr/hsr_forward.c (function fill_frame_info). Root cause: fill_frame_info() depended on skb->mac_len without ha...