13 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Net: tun: Update napi-skb after the XDP process. The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: gve: Clearing napi-skb before devkfreeskbany In gverxfreeskb, napi-skb is incorrectly left referencing an skb after it is freed using devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling...
RockyLinux 10 : kernel (RLSA-2025:23279)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23279 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process...
EUVD-2025-34588
In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...
CVE-2025-39984 net: tun: Update napi->skb after XDP process
In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...
PT-2025-42259
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a use-after-free issue identified through syzbot reporting. The issue occurs after commit e6d5dbdd20aa, which added multi-buff support for XDP running in gener...
AZL-51969 CVE-2024-43835 affecting package kernel for versions less than 6.6.64.2-9
In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix napiskbcacheput warning After the commit bdacf3e34945 "net: Use nested-BH locking for napialloccache." was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451...
DEBIAN-CVE-2024-43835
In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix napiskbcacheput warning After the commit bdacf3e34945 "net: Use nested-BH locking for napialloccache." was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451...
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2896-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...
SUSE CVE-2024-40937
In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referencing an skb after it is freed with devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling pointer. Fix...
DEBIAN-CVE-2024-40937
In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referencing an skb after it is freed with devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling pointer. Fix...
CVE-2024-40937 gve: Clear napi->skb before dev_kfree_skb_any()
In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referencing an skb after it is freed with devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling pointer. Fix...
CVE-2024-40937
In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referencing an skb after it is freed with devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling pointer. Fix...