11 matches found
CVE-2025-71093
In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...
CVE-2025-71093 e1000: fix OOB in e1000_tbi_should_accept()
In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...
SUSE CVE-2025-68321
In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...
kernel: can: peak_usb: fix use after free bugs
In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the peakusbnetifrxni. Reordering the lines solves the...
kernel: can: peak_usb: fix use after free bugs
In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the peakusbnetifrxni. Reordering the lines solves the...
CLSA-2024-1733142398 kernel: Fix of 6 CVEs
hwmon: ibmpex Fix possible UAF when ibmpexregisterbmc fails CVE-2022-49029 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - ext4: no need to continue when the number of entries is 1 CVE-2024-49967 - net/packet: fix slab-out-of-bounds access in packetrecvmsg CVE-2022-20368 - packet: in...
SUSE CVE-2022-49015
In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netifrx which may free it, after calling this, dereferencing skb may trigger use-after-free...
UBUNTU-CVE-2024-42110
In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...
rsyslog: Heap-based overflow in TCP syslog server
A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...
QEMU: rtl8139: integer overflow leads to buffer overflow
An integer overflow issue was found in the RTL8139 NIC emulation in QEMU. It could occur while receiving packets over the network if the size value is greater than INTMAX. Such overflow would lead to stack buffer overflow issue. A user inside guest could use this flaw to crash the QEMU process,...
CVE-2006-7095
Integer signedness error in the networkreceivepacket function in socket.c in dimension 3 engine dim3 1.5 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large datalen value, which is cast to a signed short and results in...