SUSE CVE-2024-26921

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

UBUNTU-CVE-2024-26921

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

CVE-2024-26921

CVE-2024-26921 is a Linux kernel issue where in the tx path, skb fragments could trigger a use-after-free of the socket when fragments are reassembled and the skb->sk field is freed prematurely. The fix, analyzed by Eric Dumazet, moves orphaning to the last safe moment, delaying skb->sk des...

UBUNTU-CVE-2024-26864

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a "dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished." tried to fix an issue that a...

SUSE CVE-2024-26782

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inetopt' for the new socket has the same value as the original one: as a...

SUSE CVE-2024-26808

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

CVE-2024-26808

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...

DEBIAN-CVE-2024-26808

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

CVE-2024-26808

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

UBUNTU-CVE-2024-26808

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

CVE-2024-26808 netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

CVE-2024-26808 netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

CVE-2024-26808 netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

DEBIAN-CVE-2024-26782

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inetopt' for the new socket has the same value as the original one: as a...

CVE-2024-26808

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

DEBIAN-CVE-2024-26741

In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...

DEBIAN-CVE-2024-26679

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror inetrecverror is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6ADDRFORM socket option and trigger a KCSAN warning...

CVE-2024-26673

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTOIPV4,IPV6,INET. - Disallow layer 4 protocol with no ports, since destination port is a mandatory attribute for...

GL-iNet MT6000 4.5.5 Arbitrary File Download

Exploit Title: GL-iNet MT6000 4.5.5 - Arbitrary File Download CVE: CVE-2024-27356 Google Dork: intitle:"GL.iNet Admin Panel" Date: 2/26/2024 Exploit Author: Bandar Alharbi aggressor Vendor Homepage: www.gl-inet.com Tested Software Link:...

GL-iNet MT6000 4.5.5 - Arbitrary File Download

Exploit Title: GL-iNet MT6000 4.5.5 - Arbitrary File Download CVE: CVE-2024-27356 Google Dork: intitle:"GL.iNet Admin Panel" Date: 2/26/2024 Exploit Author: Bandar Alharbi aggressor Vendor Homepage: www.gl-inet.com Tested Software Link:...