CVE-2022-23087 Bhyve e82545 device emulation out-of-bounds write

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...

CVE-2022-23087

The CVE-2022-23087 issue affects the e1000 device emulation in bhyve on FreeBSD, where the device model uses an on‑stack buffer to modify transmitted packets. When checksum offload is requested, a guest‑provided checksum offset is accepted without validation for certain packet types, enabling a m...

Rockwell Automation Stratix Industrial Managed Ethernet Switch 7Pk Errors (CVE-2018-0155)

A vulnerability in the Bidirectional Forwarding Detection BFD offload implementation could allow an unauthenticated remote attacker to cause a crash of the iosd process, causing a DoS condition. The vulnerability is due to insufficient error handling when the BFD header in a BFD packet is...

kernel: net/mlx5e: Fix cleanup null-ptr deref on encap lock

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix cleanup null-ptr deref on encap lock During module is unloaded while a peer tc flow is still offloaded, first the peer uplink rep profile is changed to a nic profile, and so neigh encap lock is destroyed. Next duri...

kernel: Linux kernel: Local denial of service in skbuff due to improper network buffer handling

A flaw was found in the Linux kernel. A local user with low privileges could trigger a kernel bug by manipulating network packet buffer skbuff operations. Specifically, when a program uses a helper function to read data beyond the allocated buffer in certain Generic Segmentation Offload GSO...

kernel: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in hpdrxirqcreateworkqueue If construction of the array of work queues to handle hpdrxirq offload work fails, we need to unwind. Destroy all the created workqueues and the allocated memory for the...

kernel: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in hpdrxirqcreateworkqueue If construction of the array of work queues to handle hpdrxirq offload work fails, we need to unwind. Destroy all the created workqueues and the allocated memory for the...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2023-20006

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to relo...

A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to a kernel information leak problem.

...

AZL-27335 CVE-2023-3317 affecting package kernel for versions less than 5.15.122.1-2

A use-after-free flaw was found in mt7921checkoffloadcapability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to a...

CLSA-2023-1686651204 kernel: Fix of 25 CVEs

cgroup: Use open-time cgroup namespace for process migration perm checks CVE-2021-4197 - cgroup: Use open-time credentials for process migraton perm checks CVE-2021-4197 - vt: drop old FONT ioctls CVE-2021-33656 - fbmem: Check virtual screen sizes in fbsetvar CVE-2021-33655 - fbcon: Prevent that...

kernel: netfilter: flowtable: fix stuck flows on cleanup due to pending work

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following sequence normally happens in order: 1 gcstep work is stopped to disable any further stats/del requests...

kernel: can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...

kernel: netfilter: flowtable_offload: fix using __this_cpu_add in preemptible

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...

PT-2025-8592 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the m can core. The issue involves the handling of timestamps for received CAN frames. The m can core uses 16-bit wide...

CVE-2023-20049

A vulnerability in the bidirectional forwarding detection BFD hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote...

Cisco ASR 9000 Series 缓冲区错误漏洞

Cisco IOS and others are products of Cisco, Inc.Cisco IOS is a set of operating systems developed for its network devices.Cisco ASR 900 is a 900 Series Aggregation Services Router.Cisco ASR 9000 is a 9000 Series Aggregation Services Router. A security vulnerability exists in the Cisco ASR 9000...

Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability

A vulnerability in the bidirectional forwarding detection BFD hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote...

SUSE CVE-2011-1478

The napireuseskb function in net/core/dev.c in the Generic Receive Offload GRO implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service NULL pointer dereference via a malformed VLAN fra...