CVE-2024-5290

A vulnerability was found in the wpasupplicant package. This flaw allows a local unprivileged user who is part of the netdev group to achieve privilege escalation to the same user running wpasupplicant typically root. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

DEBIAN-CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

UBUNTU-CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

SUSE CVE-2024-42110

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

Debian dsa-5739 : eapoltest - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5739 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5739-1 [email protected] https://www.debian.org/security/...

DEBIAN-CVE-2024-42110

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

CVE-2024-42116

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2024-42110

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

CVE-2024-42116

Removed by vendor...

CVE-2024-42116

...

CVE-2024-42116

...

PT-2024-29753 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.43 Description: The issue is related to the igc driver in the Linux kernel, where the igc ptp init function is called before register netdev, resulting in a log entry using an uninitialized netdev. This caus...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the net:ntbnetdev module in the use of idxd DSA dmanegine as a data mover for the ntbtransport, where the...

kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939netdevstart: fix UAF for rxkref of j1939priv It will trigger UAF for rxkref of j1939priv as following. cpu0 cpu1 j1939skbindsocket0, ndev0, ... j1939netdevstart j1939skbindsocket1, ndev0, ... j1939netdevstart...

SUSE CVE-2022-48807

In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...

CVE-2022-48810

In CVE-2022-48810, the Linux kernel fixes a RTNL lock handling issue in IPv4/IPv6 multicast code: ipmr and ip6mr_free_table() could be called on the failure path without proper RTNL protection. The patch ensures RTNL is held before freeing mroute tables, preventing an assertion failure observed i...

SUSE CVE-2024-40910

In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25release, we call netdevput to decrease the refcount on the associated ax.25 device. However, the execution path for accepting an incoming connecti...

kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: honor table dormant flag from netdev release event path The Linux kernel CVE team has assigned CVE-2024-36005 to this issue. Upstream advisory:...