19 matches found
kernel: ipv6: use RCU in ip6_xmit()
A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...
The vulnerability of the ip6_output() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the ip6output function in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
UBUNTU-CVE-2025-40158
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
CVE-2025-40158 ipv6: use RCU in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
CVE-2025-40158 ipv6: use RCU in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
kernel: ipv6: prevent NULL dereference in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
Linux Distros Unpatched Vulnerability : CVE-2024-36901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal wit...
Azure Linux 3.0 Security Update: kernel (CVE-2024-36901)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36901 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in...
kernel: ipv6: prevent NULL dereference in ip6_output()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
SUSE CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
DEBIAN-CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
AZL-42495 CVE-2024-36901 affecting package kernel for versions less than 5.15.164.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
UBUNTU-CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
CVE-2024-36901
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...
kernel: Incorrect overwrite check in __ip6_append_data()
The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3002)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3002 advisory. - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo sk...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.2.3.el6uek - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951080 CVE-2013-4470 - KVM: x86: fix guest-initiated crash with x2apic CVE-2013-637...
unbreakable enterprise kernel security update
2.6.39-400.211.3 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951818 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 Andy Honig Orabu...
Kernel: ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg
The ip6skdstcheck function in net/ipv6/ip6output.c in the Linux kernel before 3.10 allows local users to cause a denial of service system crash by using an AFINET6 socket for a connection to an IPv4 interface...