42 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the active flag for FTEs in the net/mlx5 component not being checked by locking during deletion, causing the...
SUSE CVE-2022-48976
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
AZL-51327 CVE-2022-48976 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
DEBIAN-CVE-2022-48976
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
kernel: net/sched: Fix UAF when resolving a clash
A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...
kernel: net/sched: Fix UAF when resolving a clash
A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...
kernel: net/sched: Fix UAF when resolving a clash
A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...
kernel: net/sched: Fix UAF when resolving a clash
A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...
AZL-49015 CVE-2024-44983 affecting package kernel for versions less than 6.6.51.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate vlan header Ensure there is sufficient room to access the protocol field of the VLAN header, validate it once before the flowtable lookup. ===================================================== BUG:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue that could result if a connection trace conntrack is resolved but still passed to...
SUSE CVE-2023-52667
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fsanycreategroups When kcalloc for ft-g succeeds but kvzalloc for in fails, fsanycreategroups will free ft-g. However, its caller fsanycreatetable will free ft-g again through calling...
DEBIAN-CVE-2024-35835
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfscreategroups When in allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only caller of arfscreategroups, will hold this error and ca...
DEBIAN-CVE-2023-52667
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fsanycreategroups When kcalloc for ft-g succeeds but kvzalloc for in fails, fsanycreategroups will free ft-g. However, its caller fsanycreatetable will free ft-g again through calling...
UBUNTU-CVE-2023-52667
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fsanycreategroups When kcalloc for ft-g succeeds but kvzalloc for in fails, fsanycreategroups will free ft-g. However, its caller fsanycreatetable will free ft-g again through calling...
UBUNTU-CVE-2024-35835
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfscreategroups When in allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only caller of arfscreategroups, will hold this error and ca...
DEBIAN-CVE-2024-27015
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow...
CVE-2023-1668
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
Cisco IOS XE Common Flow Table DoS
The Cisco IOS XE software running on the remote device is affected by a denial of service vulnerability in the Common Flow Table CFT feature due to improper processing of IPv6 packets encapsulated inside IPv4 UDP packets. An unauthenticated, remote attacker, using malformed packets, can exploit...
Cisco IOS XE Common Flow Table (CFT) Malformed IPv6 Message Handling Denial of Service Vulnerability
Cisco IOS is a popular Internet operating system. A security vulnerability in the Cisco IOS XE Common Flow Table CFT feature allows remote attackers to conduct denial-of-service attacks by sending malformed IPv6 messages encapsulating IPv4 UDP...
CVE-2015-0639
The Common Flow Table CFT feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3.9 before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S, when MMON or NBAR is enabled, allows remote attacker...