64 matches found
ROS-20260408-73-0022
A vulnerability in the brmulticastqueryexpired function of the net/bridge/brmulticast.c component of the Linux kernel is related to resource release errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...
SUSE-SU-2026:20840-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: - CVE-2025-40214: afunix: Initialise sccindex in unixaddedge bsc1255052. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. -...
net: bridge: fix use-after-free due to MST port state bypass
...
CVE-2025-40297
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...
kernel: net: bridge: mcast: wait for previous gc cycles when removing port
A possible use-after-free was found in the Linux kernel in net/bridge/brmulticast.c...
The vulnerability of the br_dev_xmit() function in the net/bridge/br_device.c module of the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the brdevxmit function in the net/bridge/brdevice.c file of the Linux operating system is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected information...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-44934)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44934 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2024:3564-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3564-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were...
SUSE-SU-2024:3564-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...
kernel: net: bridge: mst: fix vlan use-after-free
A use-after-free flaw was found in net/bridge/brmst.c in the Linux kernel. This issue may lead to compromised Confidentiality and Integrity, and can crash...
CVE-2024-44934
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free1 which is caused because the bridge doesn't make sure that all previous garbage has been collected when removing a port. What happens...
CVE-2024-44934
CVE-2024-44934 — Linux kernel net: bridge: mcast: wait for previous gc cycles when removing port . Syzkaller triggered a use-after-free during port removal because old multicast garbage collection cycles may still be running when a port is freed. The fix is to ensure all prior garbage-collection ...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: net: bridge: xmit: make sure we have at least eth header len bytes
A vulnerability was found in the Linux kernel in the net: bridge component, where the xmit function in the bridge device could trigger an uninitialized value error if a short skb less than the required ETHHLEN bytes is sent. This condition could cause unexpected behavior due to insufficient check...
kernel: net: bridge: mst: fix vlan use-after-free
A use-after-free flaw was found in net/bridge/brmst.c in the Linux kernel. This issue may lead to compromised Confidentiality and Integrity, and can crash...
CVE-2024-40921
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...
CVE-2024-40920
A vulnerability was found in the Linux kernel's bridge subsystem, related to Multiple Spanning Tree MST. The brmstsetstate function was converted to use RCU to prevent a VLAN use-after-free, but fails to update the VLAN group dereference helper. This leads to warnings about improper RCU usage...
CVE-2024-40921
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...
CVE-2024-40921
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...