30 matches found
EUVD-2024-36321
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-47103
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU...
Azure Linux 3.0 Security Update: kernel (CVE-2024-36971)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36971 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race...
CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26961)
The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26961 advisory. - In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resourc...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-36971)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36971 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race...
CVE-2024-36971
A use-after-free flaw was found in the Linux kernel's network route management. This flaw allows an attacker to alter the behavior of certain network connections. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical...
SUSE CVE-2024-36971
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
CVE-2024-36971
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
DEBIAN-CVE-2024-36971
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
AZL-42615 CVE-2024-36971 affecting package kernel for versions less than 6.6.35.1-4
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
AZL-42622 CVE-2024-36971 affecting package kernel for versions less than 5.15.158.2-1
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
CVE-2024-36971
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
CVE-2024-36971 net: fix __dst_negative_advice() race
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
CVE-2024-36971 net: fix __dst_negative_advice() race
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
CVE-2024-36971
CVE-2024-36971 is a Linux kernel vulnerability where __dst_negative_advice() did not enforce correct RCU rules when sk->dst_cache needed clearing, allowing a possible use-after-free. The issue arises from the wrong clearance order relative to dst_release(old_dst); ip6_negative_advice() has spe...
CVE-2024-36971
In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...
CVE-2024-26961
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...
CVE-2024-26961
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...
CVE-2024-26961 mac802154: fix llsec key resources release in mac802154_llsec_key_del
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...
CVE-2024-26961 mac802154: fix llsec key resources release in mac802154_llsec_key_del
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...