12 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed a memory leak when the block address of a non-inlined pcluster is zero. Syzkaller reported a memory leak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed Unreferenced object...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipvlan: Added a helper function for ipvlanroutev6outbound. Inspired by reports from syzbot, which use multiple ipvlan devices in their stacks. The stack size required in ipvlanprocessv6outbound was reduced by moving the flowi6...
SUSE CVE-2022-50743
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
CVE-2022-50743
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
CVE-2022-50743 erofs: Fix pcluster memleak when its block address is zero
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
CVE-2022-50743
Summary (CVE-2022-50743): In the Linux kernel’s erofs subsystem, a memleak occurs when a non-inline pcluster has a zero block address during readahead. Syzkaller reproduced a case in z_erofs_register_pcluster() where map->m_pa is zero and ztailpacking is false, causing pcl->obj.index to be ...
CVE-2022-50743 erofs: Fix pcluster memleak when its block address is zero
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking the block address of a non-inline pcluster, which could lead to a memory leak...
kernel: ext4: make sure the first directory block is not a hole
The syzbot constructs a directory that has no dirblock but is non-inline, i.e. the first directory block is a hole. And no errors are reported when creating files in this directory. Then, we get a directory block without '.' and '..' but with a valid dentry. This may cause some code that relies o...
SUSE CVE-2020-25017
Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy's setCopy header map API does not replace all existing occurences of a non-inline header...
UBUNTU-CVE-2023-52796
In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlanprocessv6outbound by moving the flowi6 struct used for the route lookup in an non...
PT-2020-15892 · Envoy · Envoy
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.15.0 Description: The issue arises because Envoy only considers the first value when multiple header values are present for some HTTP headers. Additionally, Envoy's setCopy header map API does not replace all existin...