36 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-23459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iptunnel: adapt iptunnelxmitstats to NETDEVPCPUSTATDSTATS Blamed commits forgot that vxlan/geneve use udptunnel6xmitskb which call iptunnelxmitstats...
SUSE-SU-2025:20368-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678 - CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847 - CVE-2024-50115: KVM:...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678 CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847 CVE-2024-50115: KVM: nSVM:...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678. CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice...
CVE-2024-53042
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...
DEBIAN-CVE-2024-53042
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...
CVE-2024-53042 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...
CVE-2024-50304 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash table is protected by the RTNL mutex and iptunnelfind is only called from the control path where the mutex is taken. Add a lockdep...
CVE-2024-53042 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...
CVE-2024-53042 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...
CVE-2024-53042
CVE-2024-53042 affects the Linux kernel’s ipv4/ip_tunnel code. The issue arises from paths where ip_tunnel_init_flow() is invoked without holding the RCU read lock, triggering a suspicious RCU usage warning. The fix uses l3mdev_master_upper_ifindex_by_index() to acquire the RCU read lock before c...
CVE-2024-50304 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash table is protected by the RTNL mutex and iptunnelfind is only called from the control path where the mutex is taken. Add a lockdep...
The vulnerability of the ip_tunnel component in the Linux operating system’s kernel allows a hacker to gain elevated privileges within the system.
The vulnerability of the iptunnel component in the Linux operating system’s kernel is related to memory management errors after deallocation. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
SUSE-SU-2024:3587-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done bsc1229607. - CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48901: btrfs: do not start relocation until in progress drops are done bsc1229607. CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance. bsc1229633...
SUSE-SU-2024:3564-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...
SUSE-SU-2024:3561-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...
kernel: net: ip_tunnel: prevent perpetual headroom growth
A use-after-free flaw was found in the Linux kernel’s iptunnel functionality when a user uses the iptunnel infrastructure. This flaw allows a local user to crash the system...
Oracle Linux 9 : kernel (ELSA-2024-3306)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3306 advisory. - netfilter: nftables: disallow anonymous set with timeout flag Phil Sutter RHEL-32971 RHEL-30082 CVE-2024-26642 - netfilter: nftables: mark set as dea...
Moderate: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout CVE-2024-26643 kernel: netfilter: nftables: disallow anonymous set with timeout flag CVE-2024-26642 kernel:...