Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
A vulnerability classified as critical was discovered in the Linux kernel. The vulnerability affects the function l2cap_reassemble_sdu in the file net/bluetooth/l2cap_core.c of the Bluetooth component. This vulnerability stems from improper memory management, leading to an attempt to reuse freed...
Azure Linux 3.0 Security Update: kernel (CVE-2024-24858)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24858 advisory. - A race condition was found in the Linux kernel's net/bluetooth in the {conn,adv}_{min,max}_interval_set() function. This...
CVE-2024-42141
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Check socket flag instead of hcon This fixes the following Smatch static checker warning: net/bluetooth/iso.c:1364 iso_sock_recvmsg error: we previously assumed 'pi->conn->hcon' could be null line 1359...
CentOS 7 : kernel (RHSA-2024:1249)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1249 advisory. - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may all...
CVE-2024-24857
Summary (CVE-2024-24857): A race condition in the Linux kernel’s net/bluetooth driver function conn_info_{min,max}_age_set() may cause an integrity overflow, potentially causing Bluetooth connection abnormalities or DoS. Public sources place this as a kernel issue affecting the Bluetooth subsyste...
CVE-2024-24858
CVE-2024-24858 describes a race condition in the Linux kernel's Bluetooth code (net/bluetooth), specifically in {conn,adv}_{min,max}_interval_set(), that can cause l2cap connection or broadcast abnormalities, potentially leading to a denial of service. The Astra Linux security bulletin also referen...
CVE-2024-24859
CVE-2024-24859: A race condition in Linux kernel Bluetooth code (net/bluetooth sniff_min_interval_set and sniff_max_interval_set) can trigger a bluetooth sniffing exception and potential DoS. The connected Nessus/Azure Unity Unity Linux entries confirm this CVE across multiple distributions, but ...
Linux kernel Competition Condition Problem Vulnerability
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a Bluetooth sniffing exception in the sniff_{min,max}_interval_set method of net/bluetooth...
CVE-2024-22099
NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM net, bluetooth modules allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2...
PT-2024-1479
Name of the Vulnerable Software and Affected Versions Linux kernel version v2.6.12-rc2 Description The issue is related to a NULL Pointer Dereference vulnerability in the Linux kernel, specifically in the net and bluetooth modules. This vulnerability is associated with program files...
RHEL 8 : kernel (RHSA-2023:5589)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5589 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in l2cap_connect...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
CVE-2023-40283
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled...
CVE-2023-40283
CVE-2023-40283 affects the Linux kernel before 6.4.10. It stems from a use-after-free in l2cap_sock_release (net/bluetooth/l2cap_sock.c) where the children of an sk are mishandled. The vulnerability allows a local attacker to run arbitrary code or cause a denial of service by crafting a targeted ...
RHEL 8 : kpatch-patch (RHSA-2023:4531)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4531 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
RHEL 8 : kernel-rt (RHSA-2023:4541)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4541 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
CentOS: Security Advisory for bpftool (CESA-2023:4151)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : kernel (RHSA-2023:4151)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4151 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free caused by...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
RHEL 7 : kpatch-patch (RHSA-2023:3278)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3278 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...