12 matches found
DEBIAN-CVE-2023-53843
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next commit 759ab1edb56c "net: store netdevs in an xarray" refactored the handling of pre-assigned ifindexes and let syzbot surface a latent problem in ovs. ovs does...
kernel: tls: always refresh the queue when reading sock
In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...
Linux Distros Unpatched Vulnerability : CVE-2025-38471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compact...
SUSE CVE-2022-49590
In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctligmpllmreports. While reading sysctligmpllmreports, it can be changed concurrently. Thus, we need to add READONCE to its readers. This test can be packed into a helper, so such changes will be in...
UBUNTU-CVE-2022-49590
In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctligmpllmreports. While reading sysctligmpllmreports, it can be changed concurrently. Thus, we need to add READONCE to its readers. This test can be packed into a helper, so such changes will be in...
UBUNTU-CVE-2022-49589
In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctligmpqrv. While reading sysctligmpqrv, it can be changed concurrently. Thus, we need to add READONCE to its readers. This test can be packed into a helper, so such changes will be in the follow-up...
CVE-2022-49590
In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctligmpllmreports. While reading sysctligmpllmreports, it can be changed concurrently. Thus, we need to add READONCE to its readers. This test can be packed into a helper, so such changes will be in...
CVE-2024-43880
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...
CVE-2024-43880
CVE-2024-43880 affects the Linux kernel mlxsw Spectrum ACL TCAM handling. The issue arises in the TCAM masking logic where object aggregation hints could form nested objects (A-TCAM/C-TCAM) due to an aggregation‑helper in the objagg library and driver interaction. This could produce non‑optimal o...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...
CVE-2024-26625 llc: call sock_orphan() at release time
In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...
CVE-2024-26625
The CVE-2024-26625 entry concerns a Linux kernel issue in the LLC path where a stale sk->sk_wq pointer could remain after releasing an LLC socket. The trace indicates a use-after-free path triggered by sock_wfree and related sk_buff paths. The fix involves a commit that clears sock->sk afte...