15 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: geneve: Fixed header validation in geneve6xmitskb. syzbot is able to trigger an uninit-value in genevexmit. Problem: While most IP tunnel helpers such as iptunnelgetdsfield use skbprotocolskb, true, pskbinetmaypull only uses...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: geneve: Make sure to pull the inner header in geneverx. syzbot triggered a bug in geneverx 1 The issue is similar to the one I fixed in commit 8d975c15c0cd: "ip6tunnel: Make sure to pull the inner header in ip6tnlrcv" We need ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990432)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990432 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990026)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990026 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: do not assume mac header is set in genevexmitskb We should not assume mac header is set i...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990375)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990375 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: do not assume mac header is set in genevexmitskb We should not assume mac header is set i...
Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35973)
geneve: fix header validation in genevexmitskb This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503444; scriptversion"1.2";...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986410)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986410 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-412695)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-412695 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-397670)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-397670 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneverx syzbot triggered a bug in geneverx 1 Issue is...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-360474)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-360474 advisory. In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in...
OESA-2025-1081 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A race condition was found in the Linux kernel's net/bluetooth in conn,advmin,maxintervalset function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. CVE-2024-24858 In t...
kernel: geneve: fix header validation in geneve[6]_xmit_skb
In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb The Linux kernel CVE team has assigned CVE-2024-35973 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-35973-1b5b@gregkh/T...
DEBIAN-CVE-2024-35973
In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem : While most ip tunnel helpers like iptunnelgetdsfield uses skbprotocolskb, true, pskbinetmaypull is only using...
UBUNTU-CVE-2024-35973
In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem : While most ip tunnel helpers like iptunnelgetdsfield uses skbprotocolskb, true, pskbinetmaypull is only using...
SUSE CVE-2024-26857
In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneverx syzbot triggered a bug in geneverx 1 Issue is similar to the one I fixed in commit 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" We have to save...