14 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In isotp.bind, a check for the CAN address family was added. This prevents bindings that use non-AFCAN address families from being allowed. The Syzbot team created some code that matches the correct sockaddr structure size, but i...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpBind Syzbot created an environment that led to a state machine status that cannot be reached with a compliant CAN ID address configuration. The provided address information consisted of...
SUSE CVE-2023-54105
In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...
Linux Distros Unpatched Vulnerability : CVE-2023-54105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct...
EUVD-2023-60340
In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...
CVE-2023-54105
In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...
CVE-2023-54105
In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...
UBUNTU-CVE-2023-54105
In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...
CVE-2023-54105 can: isotp: check CAN address family in isotp_bind()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...
CVE-2023-54105 can: isotp: check CAN address family in isotp_bind()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...
CVE-2023-54105
The CVE-2023-54105 entry concerns the Linux kernel: a missing check in isotp_bind() for the AF_CAN address family, allowing non-AF_CAN binds to slip through. The root cause described is that Syzbot-generated code matched the sockaddr struct size but supplied AF_XDP (0x2C) instead of AF_CAN (0x1D)...
SUSE CVE-2022-49269
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpbind Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted o...
UBUNTU-CVE-2022-49269
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpbind Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted o...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an uncleared CAN ID check in isotpbind...