35 matches found
DEBIAN-CVE-2024-26641
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...
CVE-2024-26641
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...
DEBIAN-CVE-2024-26633
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...
CVE-2024-26633
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...
CVE-2024-26641
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...
CVE-2024-26633
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...
CVE-2024-26641 ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...
CVE-2024-26641
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...
CVE-2024-26641
CVE-2024-26641 affects the Linux kernel’s IPv6/IP tunneling path. The issue arises in ip6_tunnel when receiving inner headers in __ip6_tnl_rcv(), which could access uninitialized data via a chained path (KMSAN warnings). The fix, as described in the description, is to call pskb_inet_may_pull() to...
CVE-2024-26641 ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...
CVE-2024-26633 ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...
CVE-2024-26633 ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...
CVE-2024-26633
CVE-2024-26633 affects the Linux kernel’s ip6_tunnel code, specifically the NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim(). Syzbot reported that frag_off could be read before enough bytes were pulled into skb->head, causing reads of uninitialized or garbage data. The issue is exposed...
CVE-2024-26633
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.203.5 - rds/ib: move rdsibclearirqmiss to .h file Manjunath Patil Orabug: 33044344 5.4.17-2102.203.4 - rds/ib: recover rds connection from interrupt loss scenario Manjunath Patil Orabug: 32974199 - Revert 'Allow mce to reset instead of panic on UE' William Roche Orabug: 32820275 - bpf...