18 matches found
kernel: ipv6: use RCU in ip6_xmit()
A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...
UBUNTU-CVE-2025-40158
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
CVE-2025-40158 ipv6: use RCU in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
CVE-2025-40158 ipv6: use RCU in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
kernel: ipv6: prevent NULL dereference in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
Linux Distros Unpatched Vulnerability : CVE-2024-36901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal wit...
Azure Linux 3.0 Security Update: kernel (CVE-2024-36901)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36901 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in...
kernel: ipv6: prevent NULL dereference in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
SUSE CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
DEBIAN-CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
AZL-42495 CVE-2024-36901 affecting package kernel for versions less than 5.15.164.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
UBUNTU-CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
kernel: Incorrect overwrite check in __ip6_append_data()
The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3002)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3002 advisory. - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo sk...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.2.3.el6uek - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951080 CVE-2013-4470 - KVM: x86: fix guest-initiated crash with x2apic CVE-2013-637...
unbreakable enterprise kernel security update
2.6.39-400.211.3 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951818 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 Andy Honig Orabu...
Kernel: ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg
The ip6skdstcheck function in net/ipv6/ip6output.c in the Linux kernel before 3.10 allows local users to cause a denial of service system crash by using an AFINET6 socket for a connection to an IPv4 interface...