873 matches found
kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: honor table dormant flag from netdev release event path The Linux kernel CVE team has assigned CVE-2024-36005 to this issue. Upstream advisory:...
UBUNTU-CVE-2024-40910
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25release, we call netdevput to decrease the refcount on the associated ax.25 device. However, the execution path for accepting an incoming connecti...
kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: honor table dormant flag from netdev release event path The Linux kernel CVE team has assigned CVE-2024-36005 to this issue. Upstream advisory:...
SUSE CVE-2021-47589
In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in igbvfprobe In igbvfprobe, if registernetdev fails, the program will go to label errhwinit, and then to label errioremap. In freenetdev which is just below label errioremap, there is listforeachentrysafe...
CVE-2022-48728
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOPTI Workqueue: event...
CVE-2022-48746
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys...
CVE-2022-48720
In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fix offload support for NETDEVUNREGISTER event Current macsec netdev notify handler handles NETDEVUNREGISTER event by releasing relevant SW resources only, this causes resources leak in case of macsec HW offload, as...
UBUNTU-CVE-2022-48720
In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fix offload support for NETDEVUNREGISTER event Current macsec netdev notify handler handles NETDEVUNREGISTER event by releasing relevant SW resources only, this causes resources leak in case of macsec HW offload, as...
CVE-2022-48746 net/mlx5e: Fix handling of wrong devices during bond netevent
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys...
CVE-2022-48746 net/mlx5e: Fix handling of wrong devices during bond netevent
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys...
CVE-2022-48728 IB/hfi1: Fix AIP early init panic
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOPTI Workqueue: event...
CVE-2022-48728 IB/hfi1: Fix AIP early init panic
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOPTI Workqueue: event...
AZL-48210 CVE-2024-38608 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5esuspend cleans resources only if netifdevicepresent returns true. However, mlx5eresume changes the state of netif, via mlx5enicenable, only if regstate == NETREGREGISTERED. In the below...
DEBIAN-CVE-2024-38608
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5esuspend cleans resources only if netifdevicepresent returns true. However, mlx5eresume changes the state of netif, via mlx5enicenable, only if regstate == NETREGREGISTERED. In the below...
DEBIAN-CVE-2024-38557
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Reload only IB representors upon lag disable/enable On lag disable, the bond IB device along with all of its representors are destroyed, and then the slaves' representors get reloaded. In case the slave IB representor...
UBUNTU-CVE-2024-38608
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5esuspend cleans resources only if netifdevicepresent returns true. However, mlx5eresume changes the state of netif, via mlx5enicenable, only if regstate == NETREGREGISTERED. In the below...
CVE-2021-47306
A vulnerability was found in the fzaprobe function in the Linux kernel's FDDI driver. Private data might be used after it has been freed, leading to an use-after-free issue, causing system instability or crashes if the freed data is accessed. Mitigation Red Hat has investigated whether a possible...
PT-2024-5576 · Unknown +4 · Wpa Supplicant +4
Name of the Vulnerable Software and Affected Versions: wpa supplicant affected versions not specified Description: The issue is related to an uncontrolled search path element in wpa supplicant, allowing a local unprivileged attacker to escalate privileges to the user that wpa supplicant runs as,...
CVE-2021-47310
A vulnerability was found in the Linux kernel's TI TLAN driver, where the tlanremoveone function can lead to a use-after-free issue when the driver attempts to access private data after the network device has already been freed, potentially causing system instability or crash. Mitigation Red Hat...
SUSE CVE-2021-47559
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smcvlanbytcpsk Coverity reports a possible NULL dereferencing problem: in smcvlanbytcpsk: 6. returnednull: netdevlowergetnext returns NULL checked 29 out of 30 times. 7. varassigned:...