CVE-2022-50817

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...

DEBIAN-CVE-2025-39703

In the Linux kernel, the following vulnerability has been resolved: net, hsr: reject HSR frame if skb can't hold tag Receiving HSR frame with insufficient space to hold HSR tag in the skb can result in a crash kernel BUG: 45.390915 skbuff: skbunderpanic: text:ffffffff86f32cac len:26 put:14...

DEBIAN-CVE-2024-56648

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

The vulnerability of the hsr component in the Linux operating system’s kernel allows a hacker to increase their privileges within the system.

The vulnerability of the hsr component in the Linux operating system’s kernel is related to errors that occur during the prpcreatetaggedframe function after it is freed. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

kernel: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()

A vulnerability in the Linux kernel affects the High-availability Seamless Redundancy HSR protocol. The issue was identified when a warning WARNONCE was triggered due to failed resource allocation for skb in the hsrinitskb function. The WARNONCE was initially used to log this failure, but it was...

SUSE CVE-2022-49015

In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netifrx which may free it, after calling this, dereferencing skb may trigger use-after-free...

DEBIAN-CVE-2024-26863

In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsrgetnode KMSAN reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in hsrgetnode+0xa2e/0xa40 net/hsr/hsrframereg.c:2...

SUSE CVE-2024-26707

In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARNONCE in sendhsrsupervisionframe Syzkaller reported 1 hitting a warning after failing to allocate resources for skb in hsrinitskb. Since a WARNONCE call will not help much in this case, it might be prudent to...

UBUNTU-CVE-2024-26707

In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARNONCE in sendhsrsupervisionframe Syzkaller reported 1 hitting a warning after failing to allocate resources for skb in hsrinitskb. Since a WARNONCE call will not help much in this case, it might be prudent to...