Lucene search
K

201 matches found

RedHat Linux
RedHat Linux
added 2024/10/16 1:8 a.m.9 views

kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()

A vulnerability was found in the Linux kernel's IPv6 handling in the xfrm6getsaddr function, where the issue occurs when ip6dstidev returns NULL, leading to a null pointer dereference and resulting in a general protection fault...

5.5CVSS6.6AI score0.00278EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.4 views

kernel: ipv6: prevent NULL dereference in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References5
OSV
OSV
added 2024/09/20 11:9 a.m.5 views

OESA-2024-2152 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035i2cmasterxfer In af9035i2cmasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zer...

7.8CVSS6.2AI score0.00255EPSS
Exploits0References5
OSV
OSV
added 2024/09/04 8:15 p.m.0 views

DEBIAN-CVE-2024-44987

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6sendskb syzbot reported an UAF in ip6sendskb 1 After ip6localout has returned, we no longer can safely dereference rt, unless we hold rcureadlock. A similar issue has been fixed in commit a688caa34beb "ipv...

7.8CVSS5.7AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2024/09/04 8:15 p.m.5 views

AZL-48686 CVE-2024-44986 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6finishoutput2 If skbexpandhead returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcureadlock to make sure the dst and associated idev are alive...

7.8CVSS6.6AI score0.00237EPSS
Exploits0References1
OSV
OSV
added 2024/09/04 8:15 p.m.7 views

AZL-48639 CVE-2024-44985 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...

7.8CVSS6.7AI score0.00251EPSS
Exploits0References1
OSV
OSV
added 2024/09/04 8:15 p.m.2 views

UBUNTU-CVE-2024-44987

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6sendskb syzbot reported an UAF in ip6sendskb 1 After ip6localout has returned, we no longer can safely dereference rt, unless we hold rcureadlock. A similar issue has been fixed in commit a688caa34beb "ipv...

7.8CVSS6.2AI score0.00255EPSS
Exploits0References31
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.4 views

kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()

A use-after-free flaw was found in ip6routempathnotify in the Linux kernel. This may lead to a crash...

7.8CVSS6.8AI score0.00269EPSS
Exploits0References5
OSV
OSV
added 2024/08/01 5:34 p.m.7 views

CLSA-2024-1722533082 kernel: Fix of 47 CVEs

afunix: Fix garbage collector racing against connect CVE-2024-26923 - netfilter: nftlimit: reject configurations that cause integer overflow CVE-2024-26668 - libbpf: Fix use-after-free in btfdumpnamedups CVE-2022-3534 - bpf: Fix partial dynptr stack slot reads/writes CVE-2023-39191 - ima: Fix...

8.2CVSS7AI score0.01305EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2024/07/31 12:54 a.m.4 views

kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()

A use-after-free flaw was found in ip6routempathnotify in the Linux kernel. This may lead to a crash...

7.8CVSS6.8AI score0.00269EPSS
Exploits0References5
OSV
OSV
added 2024/07/16 12:15 p.m.1 views

DEBIAN-CVE-2022-48810

In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path ip6mrfreetable can only be called under RTNL lock. RTNL: assertion failed at net/core/dev.c 10367 WARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367...

5.5CVSS5.4AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

DEBIAN-CVE-2024-40959

In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1...

5.5CVSS5.6AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2024/07/12 1:15 p.m.5 views

UBUNTU-CVE-2024-40959

In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1...

5.5CVSS6.2AI score0.00278EPSS
Exploits0References34
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.4 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the xfrm6 component failing to properly check the return value of the ip6dstidev function when obtaining a...

5.5CVSS6.4AI score0.00278EPSS
Exploits0References10
OSV
OSV
added 2024/06/25 1:5 p.m.22 views

SUSE-SU-2024:2205-1 Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005539 fixes several issues. The following security issues were fixed: - CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event bsc1218259. - CVE-2024-26852: Fixed use-after-free in ip6routempathnotify...

7.8CVSS7.9AI score0.00715EPSS
Exploits1References5
OSV
OSV
added 2024/06/25 12:33 p.m.21 views

SUSE-SU-2024:2202-1 Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122186 fixes several issues. The following security issues were fixed: - CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets bsc1220537. - CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsyst...

7.8CVSS7.1AI score0.00715EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2024/05/30 4:15 p.m.13 views

CVE-2024-36903

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in ip6makeskb As it was done in commit fc1092f51567 "ipv4: Fix uninit-value access in ipmakeskb" for IPv4, check FLOWIFLAGKNOWNNH on fl6-flowi6flags instead of testing HDRINCL on the socket...

5.5CVSS6.9AI score0.0023EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/05/30 4:15 p.m.5 views

AZL-56225 CVE-2024-36903 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in ip6makeskb As it was done in commit fc1092f51567 "ipv4: Fix uninit-value access in ipmakeskb" for IPv4, check FLOWIFLAGKNOWNNH on fl6-flowi6flags instead of testing HDRINCL on the socket...

5.5CVSS6.3AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/30 12:0 a.m.4 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from potential uninitialized value access in the ipv6 module ip6makeskb...

5.5CVSS6.5AI score0.0023EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/28 3:29 p.m.3 views

SUSE CVE-2021-47546

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6rulesuppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppressprefix rule is present in the IPv6 routing rules used by certain tools such as wg-quick. I...

2.3CVSS6.3AI score0.00222EPSS
Exploits0References9
Rows per page
Query Builder