15 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-50397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/ieee802154: reject zero-sized rawsendmsg syzbot is hitting skbassertlen warning at rawsendmsg for ieee802154 socket. What commit dc633700f00f726e...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to clear a pointer to the sk object allocated on failure of the ieee802154create function in the...
RHEL 8 : kernel-rt (RHSA-2024:5102)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5102 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
ALSA-2024:5102 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure traceclockglobal to...
DEBIAN-CVE-2022-48722
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154xmitcomplete helper is not called. Only ieee802154wakequeue is called manually. We then leak the skb structure. Free the skb structure upon error before returni...
K27575300: Linux kernel vulnerability CVE-2019-17053
Security Advisory Description ieee802154create in net/ieee802154/socket.c in the AFIEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. CVE-2019-17053 Impact There is no impact; F...
GSD-2022-1007423 net/ieee802154: reject zero-sized raw_sendmsg()
net/ieee802154: reject zero-sized rawsendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...
GSD-2022-1007210 net/ieee802154: don't warn zero-sized raw_sendmsg()
net/ieee802154: don't warn zero-sized rawsendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1006709 net/ieee802154: don't warn zero-sized raw_sendmsg()
net/ieee802154: don't warn zero-sized rawsendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
PT-2022-35542 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.10.141 through 5.10.149 Description: A potential security issue exists due to the handling of zero-sized raw sendmsg in the net/ieee802154 module. The actual impact and attack plausibility have not yet been proven...
PT-2022-35098 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue concerns a potential security vulnerability in the Linux Kernel. It is related to the rejection of zero-sized raw sendmsg in the net/ieee802154 module. The actual impact and attack...
GSD-2022-1000586 net: ieee802154: ca8210: Stop leaking skb's
net: ieee802154: ca8210: Stop leaking skb's This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.22 by commit...
CVE-2019-19525
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035...
CVE-2019-17053
ieee802154create in net/ieee802154/socket.c in the AFIEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7...
CVE-2013-7281
CVE-2013-7281 affects the Linux kernel’s dgram_recvmsg in net/ieee802154/dgram.c and allows local users to leak kernel stack memory by updating a length value without initializing an associated data structure. The issue is fixed in kernel 3.12.4 (patch referenced in changelog), with exposure via ...