Astra Linux - уязвимость в linux-5.10, linux

A vulnerability related to out-of-bounds memory access was discovered in the Linux kernel’s TUN/TAP device driver functionality. This vulnerability occurs when a user generates a malicious excessively large network packet while napi frags is enabled. This flaw allows a local user to cause a syste...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Error handling in the inittask during loading was fixed. If the inittask fails during driver loading, we end up with no vports and netdevs, effectively failing the entire process. In that state, a subsequent reset will resu...

kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw

In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40eclearhw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer underflow by changing the...

USN-7516-4 linux-oracle-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver;...

CVE-2024-53044 net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext()

In the Linux kernel, the following vulnerability has been resolved: net/sched: schapi: fix xainsert error path in tcfblockgetext This command: $ tc qdisc replace dev eth0 ingressblock 1 egressblock 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak

Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak !/usr/bin/env python CVE-2003-0001 'Etherleak' exploit ================================= Exploit for hosts which use a network device driver that pads ethernet frames with data which vary from one packet to another, likely taken from kernel...

Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure

source: https://www.securityfocus.com/bid/6535/info Network device drivers for several vendors have been reported to disclose potentially sensitive information to attackers. Frames that are smaller than the minimum frame size should have the unused portion of the frame buffer padded with null or...