58 matches found
CVE-2025-21741
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
DEBIAN-CVE-2025-21742
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...
DEBIAN-CVE-2025-21743
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...
DEBIAN-CVE-2025-21741
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
UBUNTU-CVE-2025-21743
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...
UBUNTU-CVE-2025-21742
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...
UBUNTU-CVE-2025-21741
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
CVE-2025-21743 usbnet: ipheth: fix possible overflow in DPE length check
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...
CVE-2025-21742 usbnet: ipheth: use static NDP16 location in URB
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...
CVE-2025-21742 usbnet: ipheth: use static NDP16 location in URB
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...
CVE-2025-21742
CVE-2025-21742 affects the Linux kernel’s usbnet: ipheth handling within URB buffers. The vulnerability arose because the start of the NDP16 block could be placed anywhere in the URB based on wNdpIndex, allowing the fixed-length portion of NDP16 to extend past the URB end and trigger an OoB read....
CVE-2025-21741 usbnet: ipheth: fix DPE OoB read
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
CVE-2025-21741 usbnet: ipheth: fix DPE OoB read
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
CVE-2025-21741
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
CVE-2025-21741 usbnet: ipheth: fix DPE OoB read
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible overflow in the DPE length check in the ipheth driver, resulting in an out-of-bounds read...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unfixed NDP16 location in the ipheth driver, which could lead to out-of-bounds reads...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a DPE out-of-bounds read issue in the ipheth driver...
usbnet: ipheth: do not stop RX on failing RX callback
...
SUSE CVE-2024-46861
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly e.g. bad NCM framing Lack of memory None of these should cause the driver to seize u...