1197 matches found
UBUNTU-CVE-2021-47125
In the Linux kernel, the following vulnerability has been resolved: schhtb: fix refcount leak in htbparenttoleafoffload The commit ae81feb7338c "schhtb: fix null pointer dereference on a null newq" fixes a NULL pointer dereference bug, but it is not correct. Because htbgrafthelper properly handle...
CVE-2021-47131 net/tls: Fix use-after-free after the TLS device goes down and up
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When a netdev with active TLS offload goes down, tlsdevicedown is called to stop the offload and tear down the TLS context. However, the socket stays alive, and it...
CVE-2021-47131 net/tls: Fix use-after-free after the TLS device goes down and up
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When a netdev with active TLS offload goes down, tlsdevicedown is called to stop the offload and tear down the TLS context. However, the socket stays alive, and it...
CVE-2021-47131
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When a netdev with active TLS offload goes down, tlsdevicedown is called to stop the offload and tear down the TLS context. However, the socket stays alive, and it...
CVE-2021-47131
CVE-2021-47131 affects the Linux kernel net/tls offload path. The vulnerability occurs when a netdev with TLS offload goes down and then up while a TLS context is still referenced, risking use-after-free after a data flow resumes. Fixes keep the TLS context alive until normal destruction and add ...
openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
CVE-2023-52530
A use-after-free flaw was found in the Linux kernel’s IEEE 802.11 networking stack implementation functionality, used by Wifi, in how a user triggers the error path of the ieee80211gtkrekeyadd function. This flaw allows a local user to crash the system...
DEBIAN-CVE-2023-52530
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211keylink is called by ieee80211gtkrekeyadd but returns 0 due to KRACK protection identical key reinstall, ieee80211gtkrekeyadd will still return a pointer into the key...
UBUNTU-CVE-2023-52530
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211keylink is called by ieee80211gtkrekeyadd but returns 0 due to KRACK protection identical key reinstall, ieee80211gtkrekeyadd will still return a pointer into the key...
OESA-2024-1240 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the...
SUSE CVE-2021-47036
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
DEBIAN-CVE-2021-47036
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
UBUNTU-CVE-2021-47036
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
OESA-2024-1207 openvswitch security update
Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. Security Fixes: A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses...
SUSE CVE-2023-52435
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...
PT-2024-21627
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises in the resume code path of the Linux kernel, specifically in the wifi: iwlwifi: mvm module, where it assumes the TX queue for the offloading TID has been configured. If ...
PT-2024-7711 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a memory leak in the nft flow offload component of the Linux kernel. Specifically, the issue arises when the direct xmit path is used, and the dst relea...
CVE-2022-23087
The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...
CVE-2022-23087
The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...
Stack overflow
The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...