kernel: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()

A vulnerability in the Linux kernel affects the High-availability Seamless Redundancy HSR protocol. The issue was identified when a warning WARNONCE was triggered due to failed resource allocation for skb in the hsrinitskb function. The WARNONCE was initially used to log this failure, but it was...

AZL-53355 CVE-2024-50146 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5enetdevchangeprofile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not calling profile-cleanup...

CVE-2024-50146

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5enetdevchangeprofile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not calling profile-cleanup...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a call to cleanup in the mlx5enetdevchangeprofile function in the event of a configuration file rollback...

ROS-20241101-02

A vulnerability in the vmxnet3 component of the Linux operating system kernel is related to resource management errors in the vmxnet3processxdp function in drivers/net/vmxnet3/vmxnet3xdp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in t...

SUSE CVE-2022-48984

In the Linux kernel, the following vulnerability has been resolved: can: slcan: fix freed work crash The LTP test pty03 is causing a crash in slcan: BUG: kernel NULL pointer dereference, address: 0000000000000008 PF: supervisor read access in kernel mode PF: errorcode0x0000 - not-present page PGD...

CVE-2022-48972

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix missing INITLISTHEAD in ieee802154ifadd Kernel fault injection test reports null-ptr-deref as follows: BUG: kernel NULL pointer dereference, address: 0000000000000008 RIP: 0010:cfg802154netdevnotifiercall+0x120/0x3...

CVE-2022-49008

In the Linux kernel, the following vulnerability has been resolved: can: can327: can327feedframetonetdev: fix potential skb leak when netdev is down In can327feedframetonetdev, it did not free the skb when netdev is down, and all callers of can327feedframetonetdev did not free allocated skb too...

DEBIAN-CVE-2022-48984

In the Linux kernel, the following vulnerability has been resolved: can: slcan: fix freed work crash The LTP test pty03 is causing a crash in slcan: BUG: kernel NULL pointer dereference, address: 0000000000000008 PF: supervisor read access in kernel mode PF: errorcode0x0000 - not-present page PGD...

UBUNTU-CVE-2022-49008

In the Linux kernel, the following vulnerability has been resolved: can: can327: can327feedframetonetdev: fix potential skb leak when netdev is down In can327feedframetonetdev, it did not free the skb when netdev is down, and all callers of can327feedframetonetdev did not free allocated skb too...

CVE-2022-49008 can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down

In the Linux kernel, the following vulnerability has been resolved: can: can327: can327feedframetonetdev: fix potential skb leak when netdev is down In can327feedframetonetdev, it did not free the skb when netdev is down, and all callers of can327feedframetonetdev did not free allocated skb too...

CVE-2022-49008 can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down

In the Linux kernel, the following vulnerability has been resolved: can: can327: can327feedframetonetdev: fix potential skb leak when netdev is down In can327feedframetonetdev, it did not free the skb when netdev is down, and all callers of can327feedframetonetdev did not free allocated skb too...

CVE-2022-49008 can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down

In the Linux kernel, the following vulnerability has been resolved: can: can327: can327feedframetonetdev: fix potential skb leak when netdev is down In can327feedframetonetdev, it did not free the skb when netdev is down, and all callers of can327feedframetonetdev did not free allocated skb too...

CVE-2022-49008

The CVE-2022-49008 issue affects the Linux kernel, specifically the can327 path: can327_feed_frame_to_netdev() failed to free the skb when the netdev is down, and all callers did not free allocated skbs, causing a potential skb leak. The patch adds kfree_skb() in can327_feed_frame_to_netdev() whe...

CVE-2022-48972 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix missing INITLISTHEAD in ieee802154ifadd Kernel fault injection test reports null-ptr-deref as follows: BUG: kernel NULL pointer dereference, address: 0000000000000008 RIP: 0010:cfg802154netdevnotifiercall+0x120/0x3...

CVE-2024-50019 kthread: unpark only parked kthread

In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASKPARKED state. However...

AZL-50836 CVE-2024-47734 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...

DEBIAN-CVE-2024-47734

In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...

UBUNTU-CVE-2024-47734

In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...

PT-2024-11871 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential skb leak issue has been identified in the Linux kernel, specifically in the can327 feed frame to netdev function. This issue occurs when the netdev is down, and the functio...