30 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: BPF: Mark the bpf prog stack with kmsanunpoisonmemory in interpreter mode. SYZBOT reported uninit memory usage during maplookup,deleteelem. ========= BUG: KMSAN: uninitvalue in devmaplookupelem kernel/bpf/devmap.c:441 inline...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF, sockmap: Prevent lock inversion deadlock in mapdeleteelem operation. The syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Since BPF tracing programs can be invoked fr...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: In the xskmapdeleteelem function, an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsigned value for map-maxEntries can bypass the intended bounds...
TOTOLINK N200RE 命令注入漏洞
The TOTOLINK N200RE is a router produced by TOTOLINK, a Chinese electronics company. The TOTOLINK N200RE V5 version has a command injection vulnerability, which stems from the use of command injections in the formMapDelDevice function, particularly with the macstr and bandstr parameters...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005182)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005182 advisory. In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: In the xskmapdeleteelem function an...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-411908)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-411908 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuse...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
kernel: xsk: fix OOB map writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
kernel: xsk: fix OOB map writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
kernel: xsk: fix OOB map writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
CVE-2025-4729
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr lead...
kernel: xsk: fix OOB map writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
The vulnerability of the dev_map_delete_elem() function in the kernel/bpf/devmap.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the devmapdeleteelem function in the kernel/bpf/devmap.c module of the Linux operating system is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
SUSE CVE-2024-56614
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
DEBIAN-CVE-2024-56614
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
AZL-55171 CVE-2024-56614 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
CVE-2024-56614 xsk: fix OOB map writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...
kernel: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld before calling bpf map helpers These three bpfmaplookup,update,deleteelem helpers are also available for sleepable bpf program, so add the corresponding lock assertion for sleepable bpf program,...
SUSE CVE-2022-48939
In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1:1:27 blocked for more than 140 seconds. INFO: task hung in rcubarrier Nothing prevents batch ops to...