4 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: Policy: Fix metadata dst-dev xmit null pointer dereference When we try to transmit an skb with metadatadst attached i.e., dst-dev == NULL through the xfrm interface, we may encounter a null pointer dereference in xfrmixmit2...
gittuf's policy can be rolled back to prior valid versions
Summary An attacker with push access to gittuf's Reference State Log RSL can roll back the current policy to any previous policy trusted by the current set of root keys. Impact gittuf determines the policy to load by inspecting the RSL. Except for the very first policy which is automatically...
GHSA-VXVC-CG7J-RWQJ gittuf's policy can be rolled back to prior valid versions
Summary An attacker with push access to gittuf's Reference State Log RSL can roll back the current policy to any previous policy trusted by the current set of root keys. Impact gittuf determines the policy to load by inspecting the RSL. Except for the very first policy which is automatically...
SUSE CVE-2022-50004
In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst-dev xmit null pointer dereference When we try to transmit an skb with metadatadst attached i.e. dst-dev == NULL through xfrm interface we can hit a null pointer dereference1 in xfrmixmit2 -...