103 matches found
CVE-2024-36017
The CVE-2024-36017 entry is valid and has concrete details in connected sources. The vulnerability is in the Linux kernel rtnetlink path: nested IFLA_VF_VLAN_LIST attributes are assumed to be struct ifla_vf_vlan_info (size 14 bytes). Validation used NLA_HDRLEN (4 bytes), enabling a too-small attr...
CVE-2024-36017 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...
CVE-2024-36017 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...
CVE-2024-36017 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a flaw in the validation of the IFLAVFVLANLIST attribute of the rtnetlink module...
SUSE CVE-2024-27414
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
CVE-2024-27414
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
CVE-2024-27414
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
DEBIAN-CVE-2024-27414
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
CVE-2024-27414
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
CVE-2024-27414 rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
CVE-2024-27414 rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
CVE-2024-27414
CVE-2024-27414 affects the Linux kernel. The issue was in rtnetlink: the error handling logic when writing back IFLA_BRIDGE_FLAGS could use a broken pointer due to the loop modification that checked IFLA_BRIDGE_MODE length and removed a break. This caused the code path to select the last NLA, pot...
CVE-2024-27414
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
CVE-2024-27414 rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLABRIDGEFLAGS writing back In the commit d73ef2d69c0d "rtnetlink: let rtnlbridgesetlink checks IFLABRIDGEMODE length", an adjustment was made to the old loop logic in the function rtnlbridgesetlink...
Unbreakable Enterprise kernel security update
4.14.35-2047.530.5.1 - Revert 'rtnetlink: Reject negative ifindexes in RTMNEWLINK' Saeed Mirzamohammadi Orabug: 35896831 4.14.35-2047.530.5 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug: 35824288 CVE-2023-42753 - netfilter: xtu32: validate...
SUSE CVE-2013-2635
The rtnlfillifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.512.6.el7 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...
Unbreakable Enterprise kernel security update
4.14.35-2047.512.6 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...
GSD-2022-1000646 rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
rtnetlink: make sure to refresh masterdev/mops in rtnlnewlink This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.6 by commit...