16 matches found
kernel: xfrm: interface: fix use-after-free after changing collect_md xfrm interface
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
Linux Distros Unpatched Vulnerability : CVE-2024-26596
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the...
CVE-2024-26596
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEVCHANGEUPPER and NETDEVPRECHANGEUPPER event in the system. static inline stru...
CVE-2024-50274
In the Linux kernel, the following vulnerability has been resolved: idpf: avoid vport access in idpfgetlinkksettings When the device control plane is removed or the platform running device control plane is rebooted, a reset is detected on the driver. On driver reset, it releases the resources and...
SUSE CVE-2024-50274
In the Linux kernel, the following vulnerability has been resolved: idpf: avoid vport access in idpfgetlinkksettings When the device control plane is removed or the platform running device control plane is rebooted, a reset is detected on the driver. On driver reset, it releases the resources and...
DEBIAN-CVE-2024-50274
In the Linux kernel, the following vulnerability has been resolved: idpf: avoid vport access in idpfgetlinkksettings When the device control plane is removed or the platform running device control plane is rebooted, a reset is detected on the driver. On driver reset, it releases the resources and...
CVE-2024-50274
In the Linux kernel, the following vulnerability has been resolved: idpf: avoid vport access in idpfgetlinkksettings When the device control plane is removed or the platform running device control plane is rebooted, a reset is detected on the driver. On driver reset, it releases the resources and...
CVE-2024-50274
In the Linux kernel, the following vulnerability has been resolved: idpf: avoid vport access in idpfgetlinkksettings When the device control plane is removed or the platform running device control plane is rebooted, a reset is detected on the driver. On driver reset, it releases the resources and...
CVE-2024-50274 idpf: avoid vport access in idpf_get_link_ksettings
In the Linux kernel, the following vulnerability has been resolved: idpf: avoid vport access in idpfgetlinkksettings When the device control plane is removed or the platform running device control plane is rebooted, a reset is detected on the driver. On driver reset, it releases the resources and...
CVE-2021-47235 net: ethernet: fix potential use-after-free in ec_bhf_remove
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ecbhfremove static void ecbhfremovestruct pcidev dev ... struct ecbhfpriv priv = netdevprivnetdev; unregisternetdevnetdev; freenetdevnetdev; pciiounmapdev, priv-dmaio; pciiounmapdev,...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEVCHANGEUPPER and NETDEVPRECHANGEUPPER event in the system. static inline stru...
CVE-2024-26596 net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEVCHANGEUPPER and NETDEVPRECHANGEUPPER event in the system. static inline stru...
CVE-2024-26596 net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEVCHANGEUPPER and NETDEVPRECHANGEUPPER event in the system. static inline stru...
CVE-2024-26596
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEVCHANGEUPPER and NETDEVPRECHANGEUPPER event in the system. static inline stru...
CVE-2024-26596
The CVE-2024-26596 entry concerns the Linux kernel net: dsa subsystem. The issue arises when handling NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER events: code dereferences netdev_priv(dev) unconditionally, but not all net_devices have a priv of type struct dsa_user_priv. This can read memory bey...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux Kernel that stems from a dereference issue in the netdevpriv method...