19 matches found
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient header space validation in xdp_umem_reg. This vulnerability may lead to insufficient...
kernel: can: isotp: fix potential CAN frame reception race in isotp_rcv()
A potential CAN frame reception race flaw was found in isotp_rcv() in the Linux kernel. This vulnerability may lead to a crash...
CLSA-2024-1722535085 Fix of 18 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code Bionic update: upstream stable patchset 2021-06-01 LP: 1930472 // CVE-url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2_get_enc_key CVE-url:...
SUSE CVE-2022-48830
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
CVE-2022-48830
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
DEBIAN-CVE-2022-48830
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
CVE-2022-48830 can: isotp: fix potential CAN frame reception race in isotp_rcv()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
CVE-2022-48830
CVE-2022-48830 affects the Linux kernel CAN stack (isotp). The issue was a race during CAN frame reception where isotp_rcv_ff()/isotp_rcv_cf() could modify so->rx.len concurrently, causing skb_put to panic (skb_over_panic). The fix introduces a spin_lock around isotp_rcv to ensure state/data s...
CVE-2024-36016
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to advance...
CLSA-2023-1701799960 Fix of 8 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb:...
CVE-2023-24819 RIOT-OS vulnerable to Buffer Overflow during IPHC receive
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...
PT-2022-10406 · Qualcomm · Snapdragon Connectivity +4
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to a possible buffer overflow due to the lack of buffer length check during management frame Rx handling. This affects various Qualcomm Snapdragon products,...
Qualcomm buffer error vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way to miniaturize circuitry, including primarily semiconductor devices but also passive components, and is usually manufactured on the surface of semiconductor wafers. A security vulnerability exists in multiple Qualcomm...
GSD-2022-1000485 can: isotp: fix potential CAN frame reception race in isotp_rcv()
can: isotp: fix potential CAN frame reception race in isotp_rcv() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...
GSD-2022-1000410 can: isotp: fix potential CAN frame reception race in isotp_rcv()
can: isotp: fix potential CAN frame reception race in isotp_rcv() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...
GSD-2022-1000359 can: isotp: fix potential CAN frame reception race in isotp_rcv()
can: isotp: fix potential CAN frame reception race in isotp_rcv() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...
edk2: memory leak in ArpOnFrameRcvdDpc
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access...
Important: kernel security and bug fix update
2.6.18-53.1.6.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix alloc_pages_node static 'nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlock_page in error case Jens Axboe ORA 6263574 ...
Mandrake Linux Security Advisory : madwifi-source (MDKSA-2007:082)
The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race...