18 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problems. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:60...
Linux Distros Unpatched Vulnerability : CVE-2023-53462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in fillframeinfo Syzbot reports the following uninit-value acce...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-391040)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-391040 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet wi...
EUVD-2025-31934
Malicious code in bioql PyPI...
SUSE CVE-2023-53462
In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problem. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:601 inli...
UBUNTU-CVE-2023-53462
In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problem. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:601 inli...
CVE-2023-53462 hsr: Fix uninit-value access in fill_frame_info()
In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problem. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:601 inli...
CVE-2023-53462
CVE-2023-53462 affects the Linux kernel with the HSR driver. The issue was an uninitialized value access in fill_frame_info() that could occur during VLAN handling. The provided fix states that VLAN (ETH_P_8021Q) is not yet supported by the hsr driver and instructs returning an error from fill_fr...
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024144 fixes one issue. The following security issue was fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. CVE-2024-50302: HID: core: zero-initialize the report buffer bsc1233679. Patch Instructions:...
net: hsr: avoid potential out-of-bound access in fill_frame_info()
...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: - net: hsr: Avoid potential out-of-bound access in fillframeinfo. syzbot can inject a packet with 14 bytes, pretending it is a VLAN packet. Since fillframeinfo already relies on skb-maclen, extend the check to cover this case....
SUSE CVE-2024-56648
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...
CVE-2024-56648
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...
CVE-2024-56648
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...
AZL-54785 CVE-2024-56648 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...
DEBIAN-CVE-2024-56648
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...
CVE-2018-9532
In ixheaacdextractframeinfold of ixheaacdenvextr.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9...