Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: ice: Fixed a potential NULL pointer dereference in the icebridgesetlink function. The icebridgesetlink function may encounter a NULL pointer dereference if nlmsgfindattr returns NULL, and brspec is dereferenced subsequently ...

CVE-2024-36017

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...

CVE-2024-36017 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...

CVE-2024-26855

CVE-2024-26855 – Linux kernel (net/ice) : The vulnerability is a NULL pointer dereference in ice_bridge_setlink(). If nlmsg_find_attr() returns NULL, br_spec may be dereferenced during nla_for_each_nested(), causing a crash/local impact. The fix adds an explicit check that br_spec is not NULL bef...