9 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: rose: Fix for timer race conditions against user threads. The Rose timers only acquire the socket spinlock, without checking whether the socket is owned by a specific user thread. Add a check and reinitialize the timers i...
UBUNTU-CVE-2025-39984
In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...
Siemens SIMATIC S7-1500 TM MFP Use After Free (CVE-2024-41049)
In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posixlockinode Light Hsieh reported a KASAN UAF warning in traceposixlockinode. The request pointer had been changed earlier to point to a lock entry that was added to the inode's list...
Linux Distros Unpatched Vulnerability : CVE-2024-41049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posixlockinode Light Hsieh reported a KASAN UAF...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-46800)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46800 advisory. - In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in...
CVE-2024-46800 sch/netem: fix use after free in netem_dequeue
In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netemdequeue If netemdequeue enqueues packet to inner qdisc and that qdisc returns NETXMITSTOLEN. The packet is dropped but qdisctreereducebacklog is not called to update the parent's q.qlen,...
CVE-2024-46800 sch/netem: fix use after free in netem_dequeue
In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netemdequeue If netemdequeue enqueues packet to inner qdisc and that qdisc returns NETXMITSTOLEN. The packet is dropped but qdisctreereducebacklog is not called to update the parent's q.qlen,...
CVE-2024-46800
CVE-2024-46800 affects the Linux kernel's netem (sch/netem) code. The issue is a use-after-free in netem_dequeue when enqueuing a packet to an inner qdisc that later returns __NET_XMIT_STOLEN; the packet is dropped but qdisc_tree_reduce_backlog() may not update the parent q.len, causing a use-aft...
CVE-2024-41049 filelock: fix potential use-after-free in posix_lock_inode
In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posixlockinode Light Hsieh reported a KASAN UAF warning in traceposixlockinode. The request pointer had been changed earlier to point to a lock entry that was added to the inode's list...