CVE-2022-49014

CVE-2022-49014 affects the Linux kernel net/tun subsystem. A use-after-free occurs in tun_detach() when sock_put() drops the last reference to struct net before net notifier code (notifier_call_chain/netdev_state_change) has finished accessing it. The patch fixes this by calling sock_put() from t...

CVE-2022-49014 net: tun: Fix use-after-free in tun_detach()

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...

CVE-2022-49014 net: tun: Fix use-after-free in tun_detach()

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...

CVE-2024-36005 netfilter: nf_tables: honor table dormant flag from netdev release event path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: honor table dormant flag from netdev release event path Check for table dormant flag otherwise netdev release event path tries to unregister an already unregistered hook. 524854.857999 ------------ cut here...

CVE-2024-26631

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6mcdown / mldifcwork idev-mcifccount can be written over without proper locking. Originally found by syzbot 1, fix this issue by encapsulating calls to mldifcstopwork and mldgqstopwork for good...