SUSE CVE-2011-2723

The skbgroheaderslow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload GRO is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service system crash via crafted network traffic...

SUSE CVE-2011-4326

The udp6ufofragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload UFO configuration is enabled, allows remote attackers to cause a denial of service system crash by sending fragmented IPv6 UDP packets to a bridge device...

SUSE CVE-2012-6703

Integer overflow in the sndcomprallocatebuffer function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact via a crafted...

SUSE CVE-2013-4387

net/ipv6/ip6output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload UFO processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service memory corruption and system crash or...

SUSE CVE-2013-4470

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

SUSE CVE-2013-4563

The udp6ufofragment function in net/ipv6/udpoffload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service panic via a lar...

SUSE CVE-2014-9904

The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact...

SUSE CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...

SUSE CVE-2017-11122

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading...

SUSE CVE-2017-1000112

Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSGMORE ipappenddata calls ipufoappenddata to append. However in between two send calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In...

SUSE CVE-2020-10720

A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system...

SUSE CVE-2022-25636

net/netfilter/nfdupnetdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nftablesoffload...

GSD-2023-1000037 netfilter: flowtable_offload: fix using __this_cpu_add in preemptible

netfilter: flowtableoffload: fix using thiscpuadd in preemptible This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit...

PT-2023-33114 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the use of this cpu add in preemptible context in flowtable offload in netfilter. The actual impact and attack plausibility have not yet been proven. Recommendations:...

kernel: netfilter: flowtable: fix stuck flows on cleanup due to pending work

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following sequence normally happens in order: 1 gcstep work is stopped to disable any further stats/del requests...

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

App Layering - PVS Connector with Offload Enabled - Task Error "404 (Not Found)"

App Layering PVS connector with offload enabled "An unexpected system error occurred. Retry the operation or contact technical support. Exception Message: Response status code does not indicate success: 404 Not Found"...

ALSA-2023:0101 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: memory corruption in AX88179178A based USB ethernet device. CVE-2022-2964 kernel: i915: Incorrect GPU TLB flush can lead to random memory access CVE-2022-4139 For more details about the...

PT-2022-36433 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.225 Description: A potential issue exists in the Linux Kernel, specifically related to the gso Generic Segmentation Offload functionality, where a panic can occur when dealing with a frag list that contains...

PT-2024-11841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the netfilter: flowtable offload. The issue arises when flow offload queue work is called in a workqueue without bh...