2 matches found
CVE-2024-26921
CVE-2024-26921 is a Linux kernel issue where in the tx path, skb fragments could trigger a use-after-free of the socket when fragments are reassembled and the skb->sk field is freed prematurely. The fix, analyzed by Eric Dumazet, moves orphaning to the last safe moment, delaying skb->sk des...
PT-2021-8274 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc6+ Description: The vulnerability is related to a stack out-of-bounds read in the ip do fragment function when fragmenting IPv4 packets. This occurs when the ovs fragment function uses a temporary struc...