225 matches found
DEBIAN-CVE-2022-48935
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
CVE-2022-48935
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
UBUNTU-CVE-2022-48935
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
CVE-2022-48935 netfilter: nf_tables: unregister flowtable hooks on netns exit
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
CVE-2022-48935 netfilter: nf_tables: unregister flowtable hooks on netns exit
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
CVE-2022-48935
CVE-2022-48935 is a Linux kernel flaw in netfilter nf_tables where flowtable hooks were not unregistered on net namespace exit, causing a use-after-free (KASAN) in nf_hook_entries_grow. The issue arises when nf_tables_flowtable_destroy() does not unregister hooks promptly, leading to UAF in flowt...
CVE-2022-48935
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly deregister the flowtable hook on netns exit, resulting in a memory reuse after release...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-048)
The version of kernel installed on the remote host is prior to 5.15.158-103.164. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-048 advisory. In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify a...
kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget The Linux kernel CVE team has assigned CVE-2024-35898 to this issue. Upstream advisory:...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-695)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-695 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASP...
kernel: netfilter: flowtable: validate pppoe header
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access protocol field...
kernel: netfilter: flowtable: validate pppoe header
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access protocol field...
kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget The Linux kernel CVE team has assigned CVE-2024-35898 to this issue. Upstream advisory:...
kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget The Linux kernel CVE team has assigned CVE-2024-35898 to this issue. Upstream advisory:...
netfilter: flowtable: validate pppoe header
...
netfilter: flowtable: incorrect pppoe tuple
...
SUSE CVE-2024-35898
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget nftunregisterflowtabletype within nfflowinetmoduleexit can concurrent with nftflowtabletypeget within nftablesnewflowtable. And thhere is not any protection when...
DEBIAN-CVE-2024-35898
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget nftunregisterflowtabletype within nfflowinetmoduleexit can concurrent with nftflowtabletypeget within nftablesnewflowtable. And thhere is not any protection when...
UBUNTU-CVE-2024-35898
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget nftunregisterflowtabletype within nfflowinetmoduleexit can concurrent with nftflowtabletypeget within nftablesnewflowtable. And thhere is not any protection when...