332 matches found
CVE-2024-44934
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free1 which is caused because the bridge doesn't make sure that all previous garbage has been collected when removing a port. What happens...
CVE-2024-44934 net: bridge: mcast: wait for previous gc cycles when removing port
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free1 which is caused because the bridge doesn't make sure that all previous garbage has been collected when removing a port. What happens...
CVE-2022-48935
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
CVE-2022-48935 netfilter: nf_tables: unregister flowtable hooks on netns exit
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
CVE-2022-48935 netfilter: nf_tables: unregister flowtable hooks on netns exit
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...
CVE-2022-48935
CVE-2022-48935 is a Linux kernel flaw in netfilter nf_tables where flowtable hooks were not unregistered on net namespace exit, causing a use-after-free (KASAN) in nf_hook_entries_grow. The issue arises when nf_tables_flowtable_destroy() does not unregister hooks promptly, leading to UAF in flowt...
CVE-2022-48925
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.srcaddr outside state checks If the state is not idle then resolvepreparesrc should immediately fail and no change to global state should happen. However, it unconditionally overwrites the srcad...
CVE-2022-48925
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.srcaddr outside state checks If the state is not idle then resolvepreparesrc should immediately fail and no change to global state should happen. However, it unconditionally overwrites the srcad...
CVE-2022-48925 RDMA/cma: Do not change route.addr.src_addr outside state checks
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.srcaddr outside state checks If the state is not idle then resolvepreparesrc should immediately fail and no change to global state should happen. However, it unconditionally overwrites the srcad...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-36901)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36901 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in...
CVE-2022-48869
CVE-2022-48869 concerns the Linux kernel gadgetfs USB driver. The issue arises from a race between gadgetfs_fill_super() (mount path) and gadgetfs_kill_sb() (unmount path), where the_device could be deallocated while gadgetfs_fill_super() still uses it, resulting in a use-after-free. The provided...
CVE-2024-42266
A flaw was found in the btrfs module in the Linux kernel. Improper locking can occur due to an improper handling of error conditions, causing a kernel panic and resulting in a denial of service...
CVE-2024-43817
In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1. After the skbsegment function the buffer may become non-linear nrfrags != 0, but since the SKBTXSHAREDFRAG flag is not set...
CVE-2024-43817
The CVE CVE-2024-43817 describes a Linux kernel vulnerability in the virtio_net path: two missing checks in virtio_net_hdr_to_skb() can trigger a crash. The issues arise when after skb_segment the buffer remains non-linear (nr_frags != 0) and SKBTX_SHARED_FRAG is not set, preventing __skb_lineari...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-42076)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42076 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data ...
CVE-2024-42082
In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN from xdpregmemmodel syzkaller reports a warning in xdpregmemmodel. The warning occurs only if memidinithashtable returns an error. It returns the error in two cases: 1. memory allocation fails; 2. rhashtableinit...
CVE-2024-42114 wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211ATTRTXQQUANTUM values syzbot is able to trigger softlockups, setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq, fixed with commit d9e15a273306 "pktsched: fq: do not accept sill...
CVE-2024-42111 btrfs: always do the basic checks for btrfs_qgroup_inherit structure
In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfsqgroupinherit structure BUG Syzbot reports the following regression detected by KASAN: BUG: KASAN: slab-out-of-bounds in btrfsqgroupinherit+0x42e/0x2e20 fs/btrfs/qgroup.c:3277 Read of si...
CVE-2024-42111 btrfs: always do the basic checks for btrfs_qgroup_inherit structure
In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfsqgroupinherit structure BUG Syzbot reports the following regression detected by KASAN: BUG: KASAN: slab-out-of-bounds in btrfsqgroupinherit+0x42e/0x2e20 fs/btrfs/qgroup.c:3277 Read of si...
CVE-2024-41097
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...