166 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-20194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIGBPFSYSCALL=y , CONFIGBPF=y , CONFIGCGROUPS=y ,...
Important: kernel
Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...
Important: kernel
Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...
Important: kernel
Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...
kernel: tls: fix missing memory barrier in tls_init
In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...
kernel: tls: fix missing memory barrier in tls_init
In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...
kernel: tls: fix missing memory barrier in tls_init
In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...
SUSE CVE-2022-48751
In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smcsetsockopt and it is caused by accessing smc-clcsock after clcsock was released. BUG: kernel NULL pointer dereference, address: 0000000000000020 P...
CVE-2022-48751
In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smcsetsockopt and it is caused by accessing smc-clcsock after clcsock was released. BUG: kernel NULL pointer dereference, address: 0000000000000020 P...
SUSE CVE-2024-26862
In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignoreoutgoing ignoreoutgoing is read locklessly from devqueuexmitnit and packetgetsockopt Add appropriate READONCE/WRITEONCE annotations. syzbot reported: BUG: KCSAN: data-race in devqueuexmitn...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing data to be read from devqueuexmitnit and packetgetsockopt via ignoreoutgoing...
CVE-2024-26640 tcp: add sanity checks to rx zerocopy
In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-2335)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A deadlock flaw was found in the Linux kernel's BPF subsystem. This flaw allows a local user to potentially crash the system. CVE-2023-0160 - Us...
Important: kernel-livepatch-4.14.314-237.533
Issue Overview: dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference. CVE-2023-28466 Affected Packages: kernel-livepatch-4.14.314-237.533 Issue Correction: Please ensur...
kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference
A use-after-free flaw was found in the dotlsgetsockopt function in net/tls/tlsmain.c in the Transport Layer Security TLS in the Network subcompact in the Linux kernel. This flaw allows an attacker to cause a NULL pointer dereference problem due to a race condition...
kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference
A use-after-free flaw was found in the dotlsgetsockopt function in net/tls/tlsmain.c in the Transport Layer Security TLS in the Network subcompact in the Linux kernel. This flaw allows an attacker to cause a NULL pointer dereference problem due to a race condition...
kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference
A use-after-free flaw was found in the dotlsgetsockopt function in net/tls/tlsmain.c in the Transport Layer Security TLS in the Network subcompact in the Linux kernel. This flaw allows an attacker to cause a NULL pointer dereference problem due to a race condition...
SUSE CVE-2023-28466
dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...
DEBIAN-CVE-2023-28466
dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...
AZL-25661 CVE-2023-28466 affecting package kernel for versions less than 5.15.107.1-2
dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...