PT-2024-11813 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the net/mlx5e module, related to IPoIB and Block PKEY interfaces with less rx queues than the parent. The issue...

kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c

A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c. The highest threat from thi...

Oracle Linux 8 : kernel (ELSA-2021-0003)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0003 advisory. - net netfilter: ctnetlink: add a range check for l3/l4 protonum Florian Westphal 1892665 1892666 CVE-2020-25211 Tenable has extracted the preceding description...

Amazon Linux AMI : kernel (ALAS-2020-1446)

The version of kernel installed on the remote host is prior to 4.14.203-116.332. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1446 advisory. In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to...

Design/Logic Flaw

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...

CVE-2020-25211

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...