219 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Register VF in netvscprobe if NETDEVICEREGISTER missed If hvnetvsc driver is...
Linux Distros Unpatched Vulnerability : CVE-2021-47139
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hns3: put off calling registernetdev until client initialize complete Currently, the netdevice is registered before client initializing complete. So there ...
SUSE CVE-2022-49127
In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...
DEBIAN-CVE-2022-49127
In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...
CVE-2022-49378 sfc: fix considering that all channels have TX queues
In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modparam efxseparatetxchannels=1 is used. In that cases, some channels only have RX queues and others onl...
CVE-2022-49127 ref_tracker: implement use-after-free detection
In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...
CVE-2022-49127 ref_tracker: implement use-after-free detection
In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...
CVE-2022-49127 ref_tracker: implement use-after-free detection
In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...
CVE-2024-26596
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEVCHANGEUPPER and NETDEVPRECHANGEUPPER event in the system. static inline stru...
PT-2026-5508
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the J1939 protocol. Specifically, the j1939 session activate function may succeed even after the network device has been unregistered via j19...
SUSE CVE-2024-53237
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in deviceforeachchild Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in deviceforeachchild+0x18f/0x1a0 Read of size 8 at addr ffff88801f605308 by task kbnepd bnep0/498...
CVE-2024-50252 mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the remote address of an ip6gre net...
CVE-2024-50252 mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the remote address of an ip6gre net...
net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events
...
SUSE CVE-2022-48972
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix missing INITLISTHEAD in ieee802154ifadd Kernel fault injection test reports null-ptr-deref as follows: BUG: kernel NULL pointer dereference, address: 0000000000000008 RIP: 0010:cfg802154netdevnotifiercall+0x120/0x3...
DEBIAN-CVE-2022-48972
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix missing INITLISTHEAD in ieee802154ifadd Kernel fault injection test reports null-ptr-deref as follows: BUG: kernel NULL pointer dereference, address: 0000000000000008 RIP: 0010:cfg802154netdevnotifiercall+0x120/0x3...
UBUNTU-CVE-2022-48984
In the Linux kernel, the following vulnerability has been resolved: can: slcan: fix freed work crash The LTP test pty03 is causing a crash in slcan: BUG: kernel NULL pointer dereference, address: 0000000000000008 PF: supervisor read access in kernel mode PF: errorcode0x0000 - not-present page PGD...
CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6uncachedlistflushdev Blamed commit accidentally removed a check for rt-rt6iidev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address...
CLSA-2024-1722535085 Fix of 18 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code Bionic update: upstream stable patchset 2021-06-01 LP: 1930472 // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2getenckey CVE-url:...
SUSE CVE-2022-48850
In the Linux kernel, the following vulnerability has been resolved: net-sysfs: add check for netdevice being present to speedshow When bringing down the netdevice or system shutdown, a panic can be triggered while accessing the sysfs path because the device is already removed. 755.549084 mlx5core...