EUVD-2005-2710

Malware in sbrugna...

DEBIAN-CVE-2024-53124

In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk-skforwardalloc Syzkaller reported this warning: ------------ cut here ------------ WARNING: CPU: 0 PID: 16 at net/ipv4/afinet.c:156 inetsockdestruct+0x1c5/0x1e0 Modules linked in: CPU: 0 UID: 0 PID: ...

CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

CVE-2021-4442 tcp: add sanity tests to TCP_QUEUE_SEQ

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

CVE-2021-4442

CVE-2021-4442 – The Linux kernel TCP stack vulnerability described as: a syzkaller repro could cause RCV_SEQ to be advanced after data restoration in the receive queue, enabling an out-of-order or invalid sequence handling when TCP_QUEUE_SEQ is used on non-empty queues. The connected documents (A...

CVE-2024-36484 net: relax socket state check at accept time.

In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm: syz-executor510 Not tainted...

CVE-2024-36927

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...

CVE-2021-47238

A vulnerability was found in the Linux kernel's IPv4 code, within the ipmcadd1src function. This issue can lead to a memory leak, where certain memory resources are not properly released when a network interface is removed, resulting in increased memory usage and potential performance issues over...

CVE-2021-47238 net: ipv4: fix memory leak in ip_mc_add1_src

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in ipmcadd1src BUG: memory leak unreferenced object 0xffff888101bc4c00 size 32: comm "syz-executor527", pid 360, jiffies 4294807421 age 19.329s hex dump first 32 bytes: 00 00 00 00 00 00 00 00 00 00 00 ...

PT-2024-4086 · Amazon · Amazon Linux Kernel

Name of the Vulnerable Software and Affected Versions: Amazon Linux kernel affected versions not specified Description: The issue is related to a flaw in the inet sock destruct function of the net/ipv4/af inet.c component in the IPv4 Networking Stack of the Amazon Linux kernel, which is associate...

CVE-2024-0584

CVE-2024-0584 is reported in connected data as affecting the kernel package in CBL-Mariners for versions less than 5.15.153.1-1. An upgraded kernel package version (5.15.153.1-1 or later) is available to resolve the issue. No exploitation details are provided in the documents beyond this remediat...

CVE-2024-0584

A use-after-free issue was found in igmpstarttimer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-1037)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file...

Security Bulletin: This Power System update is being released to address CVE 2021-45486

Summary A security problem was fixed for the Virtualization Management Interface VMI for vulnerability CVE-2021-45486 that could allow a remote attacker to reveal sensitive information Vulnerability Details CVEID:CVE-2021-45486 DESCRIPTION: Linux Kernel could allow a local attacker to obtain...

CVE-2022-3435

A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fibnhmatch of the file net/ipv4/fibsemantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to appl...

Oracle Linux 8 : kernel (ELSA-2022-5316)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5316 advisory. - debug: lockdown kgdb Orabug: 34270802 CVE-2022-21499 - esp: limit skbpagefragrefill use to a single page Sabrina Dubroca 2062114 CVE-2022-27666 - esp...

UBUNTU-CVE-2022-1012

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem...

GSD-2022-1002184 net: ipv4: fix route with nexthop object delete warning

net: ipv4: fix route with nexthop object delete warning This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.189 by commit...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 24 for SLE 15) (SUSE-SU-2022:1215-1)

The remote SUSE Linux SLES12 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1215-1 advisory. - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a...

Linux Kernel Buffer Overflow Vulnerability (CNVD-2022-79427)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that originates from not properly validating data boundaries when net/ipv4/esp4.c and net/ipv6/esp6.c perform...