873 matches found
PT-2024-11312 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free UAF bug in the emac remove function. The adpt variable, which is netdev private data, cannot be used after the free netdev call. Using adpt aft...
PT-2024-11243 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential use-after-free vulnerability has been resolved in the Linux kernel. The issue occurs in the ec bhf remove function, where the priv pointer is used after free netdev has bee...
PT-2024-11245 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak vulnerability has been resolved in the Linux kernel. The issue was caused by a missing free netdev call in the mkiss close function, which led to a memory leak when the...
kernel: net-sysfs: *_queue_add_kobject refcount issue
A flaw was found in the way the rxqueueaddkobject and netdevqueueaddkobject functions in the Linux kernel handled refcounting of certain objects. This flaw allows a local user who can trigger the error code path to use this vulnerability to disturb the integrity of the system...
kernel: net-sysfs: *_queue_add_kobject refcount issue
A flaw was found in the way the rxqueueaddkobject and netdevqueueaddkobject functions in the Linux kernel handled refcounting of certain objects. This flaw allows a local user who can trigger the error code path to use this vulnerability to disturb the integrity of the system...
SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:2233-1)
This update for libvirt fixes the following issues : CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. - bsc1161883, bsc1174458 qemu: Setup emulator thread and cpuset.mems before exec - bsc1171946 libxl:...
CVE-2019-20811
CVE-2019-20811 affects the Linux kernel prior to 5.0.6, where a reference count is mishandled in rx_queue_add_kobject() and netdev_queue_add_kobject() within net/core/net-sysfs.c (CID-a3e23f719f5c). The issue was fixed in kernel 5.0.6 (ChangeLog-5.0.6). Exploitation would require local access and...
systemd:fuzz-netdev-parser: Heap-use-after-free in network_config_compare_func
Project: https://github.com/systemd/systemd.git Detailed Report: https://oss-fuzz.com/testcase?key=5133720507121664 Project: systemd Fuzzing Engine: libFuzzer Fuzz Target: fuzz-netdev-parser Job Type: libfuzzerasansystemd Platform Id: linux Crash Type: Heap-use-after-free READ 1 Crash Address:...
systemd:fuzz-netdev-parser: Use-of-uninitialized-value in l2tp_session_free
Project: https://github.com/systemd/systemd.git Detailed Report: https://oss-fuzz.com/testcase?key=5757581015646208 Project: systemd Fuzzing Engine: libFuzzer Fuzz Target: fuzz-netdev-parser Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...
systemd:fuzz-netdev-parser: Null-dereference READ with empty stacktrace
Detailed Report: https://oss-fuzz.com/testcase?key=5142453635252224 Project: systemd Fuzzing Engine: libFuzzer Fuzz Target: fuzz-netdev-parser Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: NULL Sanitizer: memory MSAN...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A memory leak in sitinitnet in net/ipv6/sit.c when registernetdev fails to register sitn-fbtunneldev allows an attacker to crash the system...
Privilege Escalation
The kernel contains privilege escalation. A flaw in devload could allow a local user who has the CAPNETADMIN capability to load arbitrary modules from "/lib/modules/", instead of only netdev modules...
systemd security, bug fix, and enhancement update
239-18.0.1 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...
kernel: net-sysfs: *_queue_add_kobject refcount issue
A flaw was found in the way the rxqueueaddkobject and netdevqueueaddkobject functions in the Linux kernel handled refcounting of certain objects. This flaw allows a local user who can trigger the error code path to use this vulnerability to disturb the integrity of the system...
CVE-2019-16994
In the Linux kernel before 5.0, a memory leak exists in sitinitnet in net/ipv6/sit.c when registernetdev fails to register sitn-fbtunneldev, which may cause denial of service, aka CID-07f12b26e21a...
DEBIAN-CVE-2019-16994
In the Linux kernel before 5.0, a memory leak exists in sitinitnet in net/ipv6/sit.c when registernetdev fails to register sitn-fbtunneldev, which may cause denial of service, aka CID-07f12b26e21a...
UBUNTU-CVE-2019-16994
In the Linux kernel before 5.0, a memory leak exists in sitinitnet in net/ipv6/sit.c when registernetdev fails to register sitn-fbtunneldev, which may cause denial of service, aka CID-07f12b26e21a...
systemd/fuzz-netdev-parser: Use-of-uninitialized-value in explicit_bzero_safe
Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=5189307683307520 Project: systemd Fuzzer: libFuzzersystemdfuzz-netdev-parser Fuzz target binary: fuzz-netdev-parser Job Type: libfuzzermsansystemd Platform Id: linux Crash Type:...
systemd/fuzz-netdev-parser: Global-buffer-overflow in nulstr_contains
Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=5695224883445760 Project: systemd Fuzzer: libFuzzersystemdfuzz-netdev-parser Fuzz target binary: fuzz-netdev-parser Job Type: libfuzzerasansystemd Platform Id: linux Crash Type: Global-buffer-overfl...
openSUSE Security Update : openvswitch (openSUSE-2018-1562)
This update for openvswitch to version 2.7.6 fixes the following issues : These security issues were fixed : - CVE-2018-17205: Prevent OVS crash when reverting old flows in bundle commit bsc1104467. - CVE-2018-17206: Avoid buffer overread in BUNDLE action decoding bsc1104467. - CVE-2018-17204:Whe...