10 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of address family checking in the isotpbind function, which could lead to binding errors...
kernel: can: isotp: sanitize CAN ID checks in isotp_bind()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpbind Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted o...
EUVD-2022-54957
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpbind Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted o...
CVE-2022-49269
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpbind Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted o...
CVE-2022-49269
The CVE-2022-49269 issue affects the Linux kernel CAN subsystem: isotp_bind() incorrectly validates CAN IDs, allowing a state machine path that can be reached with non-standard IDs (ex: 0x6000001 and 0xC28001) that map to 11-bit IDs 0x001. The fix sanitizes SFF/EFF CAN ID values before address ch...
CVE-2022-49269 can: isotp: sanitize CAN ID checks in isotp_bind()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpbind Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted o...
GSD-2022-1002127 can: isotp: sanitize CAN ID checks in isotp_bind()
can: isotp: sanitize CAN ID checks in isotpbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...
GSD-2022-1001909 can: isotp: sanitize CAN ID checks in isotp_bind()
can: isotp: sanitize CAN ID checks in isotpbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...
GSD-2022-1001605 can: isotp: sanitize CAN ID checks in isotp_bind()
can: isotp: sanitize CAN ID checks in isotpbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...
GSD-2022-1001299 can: isotp: sanitize CAN ID checks in isotp_bind()
can: isotp: sanitize CAN ID checks in isotpbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...