2 matches found
CVE-2022-50764 ipv6/sit: use DEV_STATS_INC() to avoid data-races
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEVSTATSINC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev-stats.txerror concurrently. This is because sit tunnels are NETIFFLLTX, meaning their ndostartxmit is not protected by a...
kernel: Memory leak in sit_init_net() in net/ipv6/sit.c
A flaw was found in the way the sitinitnet function in the Linux kernel handled resource cleanup on errors. This flaw allows an attacker to use the error conditions to crash the system...