8 matches found
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, only the init netns should be allowed to set the default tcpcongestioncontrol to a restricted algorithm. The tcpsetdefaultcongestioncontrol function is netns-safe as it writes to...
DEBIAN-CVE-2021-47010
In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcpsetdefaultcongestioncontrol is netns-safe in that it writes to &net-ipv4.tcpcongestioncontrol, but it also sets ca-flags |= TCPCONGNONRESTRICTED which is...
CVE-2021-47010 net: Only allow init netns to set default tcp cong to a restricted algo
In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcpsetdefaultcongestioncontrol is netns-safe in that it writes to &net-ipv4.tcpcongestioncontrol, but it also sets ca-flags |= TCPCONGNONRESTRICTED which is...
GSD-2021-1000129 netfilter: conntrack: Make global sysctls readonly in non-init netns
netfilter: conntrack: Make global sysctls readonly in non-init netns This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.19 by commit...
GSD-2021-1000164 netfilter: conntrack: Make global sysctls readonly in non-init netns
netfilter: conntrack: Make global sysctls readonly in non-init netns This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.35 by commit...
UVI-2021-1000129 netfilter: conntrack: Make global sysctls readonly in non-init netns
netfilter: conntrack: Make global sysctls readonly in non-init netns This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.19 by commit...
UVI-2021-1000091 netfilter: conntrack: Make global sysctls readonly in non-init netns
netfilter: conntrack: Make global sysctls readonly in non-init netns This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.2 by commit...
UVI-2021-1000017 net: Make tcp_allowed_congestion_control readonly in non-init netns
net: Make tcpallowedcongestioncontrol readonly in non-init netns This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.16 by commit...