9 matches found
CVE-2024-56602
A user-after-free vulnerability was found in the linux kernel. sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the dangling pointer remains in the provided sock object, leading to a crash and loss of...
CVE-2024-56602 net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...
CVE-2024-56602
CVE-2024-56602 is confirmed by connected advisories as a Linux kernel issue in net: ieee802154: do not leave a dangling sk pointer in ieee802154_create(), where sock_init_data() attaches a sk to sock and on error the sk remains dangling, allowing use-after-free. The Astra Linux bulletin lists aff...
CVE-2024-56602 net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...
CVE-2024-56602 net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...
K27575300: Linux kernel vulnerability CVE-2019-17053
Security Advisory Description ieee802154create in net/ieee802154/socket.c in the AFIEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. CVE-2019-17053 Impact There is no impact; F...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4850)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4850 advisory. - vhost: make sure lognum innum yongduan Orabug: 30312787 CVE-2019-14835 - vhost: block speculation of translated descriptors Michael S. Tsirkin...
Code injection
ieee802154create in net/ieee802154/socket.c in the AFIEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7...
CVE-2019-17053
ieee802154create in net/ieee802154/socket.c in the AFIEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7...