11 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: Do not count unused/invalid keys for flow release. We are currently encountering the WARNON message in mctpi2cflowrelease: c if midev-releasecount midev-i2clockcount WARNONCE1, "Release count overflow"; This issue may...
SUSE CVE-2022-49820
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...
CVE-2022-49820
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...
UBUNTU-CVE-2022-49820
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...
CVE-2022-49820 mctp i2c: don't count unused / invalid keys for flow release
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...
CVE-2022-49820 mctp i2c: don't count unused / invalid keys for flow release
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...
CVE-2022-49820
CVE-2022-49820 concerns the Linux kernel mctp i2c flow release logic. The issue arises when release_count > i2c_lock_count, triggering a WARN_ONCE due to expiring a flow before sending the first packet and not pairing the release increment with the i2c lock operation. The fix adds a guard: onl...
PT-2025-18537
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the mctp i2c module. The issue arises when a flow is released before sending the first packet it contains, causing a...
UBUNTU-CVE-2024-36903
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in ip6makeskb As it was done in commit fc1092f51567 "ipv4: Fix uninit-value access in ipmakeskb" for IPv4, check FLOWIFLAGKNOWNNH on fl6-flowi6flags instead of testing HDRINCL on the socket...
Cybersecurity Analysts: Job Stress Is Bad, but Boredom Is Kryptonite
Years ago, “airline pilot” used to be a high-stress profession. Imagine being in personal control of equipment worth millions hurtling through the sky on an irregular schedule with the lives of all the passengers in your hands. But today on any given flight, autopilot is engaged almost 90% of the...
IPv6 oops triggerable by any user
net/ipv6/tcpipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6flsocklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service OOPS or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to...