6 matches found
CVE-2024-36489
In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...
CVE-2024-36489 tls: fix missing memory barrier in tls_init
In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...
CVE-2024-36489
CVE-2024-36489: Linux kernel TLS NULL pointer dereference risk due to a missing memory barrier in tls_init() (NULL ctx->sk_proto observed in tls_setsockopt/getsockopt). The fix relies on rcu_assign_pointer() (which implies a release barrier) and moves the assignment of ctx->sk_proto until a...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: net: fix possible store tearing in neighperiodicwork While looking at a related syzbot report involving neighperiodicwork, I found that I forgot to add an annotation when deleting an RCU protected item from a list. Readers use...
CVE-2023-52522 net: fix possible store tearing in neigh_periodic_work()
In the Linux kernel, the following vulnerability has been resolved: net: fix possible store tearing in neighperiodicwork While looking at a related syzbot report involving neighperiodicwork, I found that I forgot to add an annotation when deleting an RCU protected item from a list. Readers use...
CVE-2023-52522 net: fix possible store tearing in neigh_periodic_work()
In the Linux kernel, the following vulnerability has been resolved: net: fix possible store tearing in neighperiodicwork While looking at a related syzbot report involving neighperiodicwork, I found that I forgot to add an annotation when deleting an RCU protected item from a list. Readers use...