kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' CVE-2021-46937 In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamondlock...

PT-2022-7623 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the ipv6 component of the Linux kernel and is caused by a memory leak. When the network device is going down or IPv6 is disabled on the interface, the...

GSD-2022-1000400 net_sched: add __rcu annotation to netdev->qdisc

netsched: add rcu annotation to netdev-qdisc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.102 by commit...

PT-2022-7625 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.10-1.32.fc32.qubes.x86 64+ 226 Description: The vulnerability is related to the xen/netfront component of the Linux kernel. It occurs because xennet destroy queues relies on info-netdev-real num tx queues t...

CVE-2022-25636

net/netfilter/nfdupnetdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nftablesoffload...

CVE-2022-0646

A flaw use after free in the Linux kernel Management Component Transport Protocol MCTP subsystem was found in the way user triggers cancelworksync after the unregisternetdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It...

PT-2021-8138 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a double-free issue in the tun free netdev function. This issue can be exploited to execute arbitrary code and elevate privileges. The problem arises fr...

PT-2021-8142 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an incorrect structure access in the Linux kernel's net component, specifically in the prestera module. This can cause invalid memory access for certain events,...

UVI-2021-1001892 netfilter: nf_tables: skip netdev events generated on netns removal

netfilter: nftables: skip netdev events generated on netns removal This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commit...

GSD-2021-1001892 netfilter: nf_tables: skip netdev events generated on netns removal

netfilter: nftables: skip netdev events generated on netns removal This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commit...

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state leading to a use-after-free and a double free.

...

AZL-6578 CVE-2021-37159 affecting package kernel for versions less than 5.15.2.1-1

hsofreenetdevice in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregisternetdev without checking for the NETREGREGISTERED state, leading to a use-after-free and a double free...

CVE-2021-37159

hsofreenetdevice in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregisternetdev without checking for the NETREGREGISTERED state, leading to a use-after-free and a double free...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in drivers/net/usb/hso.c in Linux kernel version 5.13.4 and earlier, which originates from a call to unregisternetdev without checking the statu...

PT-2024-11311 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free UAF bug has been resolved in the Linux kernel. The issue occurs because priv, which is netdev private data, cannot be used after the free netdev call. Using priv after...