CVE-2024-50261

Mode C CVE-2024-50261 (macsec use-after-free) affects the Linux kernel’s macsec offload path. The issue stems from metadata_dst being freed prematurely in macsec_free_netdev() while a packet is still using it. The fix replaces metadata_dst freeing with dst_release() so that metadata_dst is not fr...

CVE-2024-50261 macsec: Fix use-after-free while sending the offloading packet

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...

CVE-2024-50261

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...

kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists

A vulnerability was found in the Linux kernel's iwlwifi driver for Intel wireless devices. This issue occurs when the system attempts to sync the TX queue for an offloading TID during resume, but the queue is not allocated if no packets have been sent on TID 0...

CVE-2024-36919

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove spinlockbh while releasing resources after upload The session resources are used by FW and driver when session is offloaded, once session is uploaded these resources are not used. The lock is not required as...

CVE-2024-27056

A vulnerability was found in the Linux kernel's iwlwifi driver for Intel wireless devices. This issue occurs when the system attempts to sync the TX queue for an offloading TID during resume, but the queue is not allocated if no packets have been sent on TID 0. Mitigation Mitigation for this issu...

DEBIAN-CVE-2024-27056

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated ...

AZL-67493 CVE-2024-27056 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated ...

UBUNTU-CVE-2024-27056

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated ...

CVE-2024-27056

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated ...

CVE-2024-27056

CVE-2024-27056 affects the Linux kernel wifi: iwlwifi mvm. The issue arises on resume: the TX queue for the offloading TID may not have been allocated if no packets were sent on TID 0, causing a crash when the code tries to sync the write pointer. The fix is to ensure the offloading TID queue exi...

CVE-2024-27056 wifi: iwlwifi: mvm: ensure offloading TID queue exists

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated ...

Fedora 40 : openvswitch (2024-1f26ce7731)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1f26ce7731 advisory. Update to 3.3.0 Remove network-scripts subpackage starting from Fedora 40 Backport a simple fix to avoid SSL db: implementation test to fail It also...

CVE-2024-26719 nouveau: offload fence uevents work to workqueue

In the Linux kernel, the following vulnerability has been resolved: nouveau: offload fence uevents work to workqueue This should break the deadlock between the fctx lock and the irq lock. This offloads the processing off the work from the irq into a workqueue...

SUSE SLES15 Security Update : openvswitch (SUSE-SU-2024:0912-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0912-1 advisory. - A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service...

Incorrect Authorization

org.apache.pulsar, pulsar-broker is vulnerable to Incorrect Authorization. The vulnerability exists due to inadequate access controls to modify topic-level policies. Only users with the tenant admin or super user role should be permitted to perform such management operations, allowing authenticat...

CVE-2024-28098 Apache Pulsar: Improper Authorization For Topic-Level Policy Management

The vulnerability allows authenticated users with only produce or consume permissions to modify topic-level policies, such as retention, TTL, and offloading settings. These management operations should be restricted to users with the tenant admin role or super user role. This issue affects Apache...

USN-6690-1 openvswitch vulnerabilities

Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch incorrectly handled certain crafted Geneve packets when hardware offloading via the netlink path is enabled. A remote attacker could possibly use this issue to cause Open vSwitch to crash, leading to a denial of service...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Open vSwitch vulnerabilities (USN-6690-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6690-1 advisory. Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch incorrectly handled certain crafted Geneve packets when hardware...

PT-2024-2614 · Apache · Apache Pulsar

Name of the Vulnerable Software and Affected Versions: Apache Pulsar versions 2.7.1 through 2.10.5 Apache Pulsar versions 2.11.0 through 2.11.3 Apache Pulsar versions 3.0.0 through 3.0.2 Apache Pulsar versions 3.1.0 through 3.1.2 Apache Pulsar version 3.2.0 Description: The issue is related to...