184 matches found
CVE-2024-50128 net: wwan: fix global oob in wwan_rtnl_policy
In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a global out-of-bounds read issue in the net module, wwanrtnlpolicy, due to an overly large maxtype assigne...
Vulnerability of the __rtnl_newlink() function (net/core/rtnetlink.c) in the Linux operating system kernel, which allows a hacker to increase their privileges
The vulnerability of the rtnlnewlink function net/core/rtnetlink.c in the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability could allow an attacker to increase their privileges...
kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...
DEBIAN-CVE-2024-46766
In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...
CVE-2024-46765
In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in icexdp is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same...
CVE-2024-46766
In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...
CVE-2024-46766
CVE-2024-46766 affects the Linux kernel, specifically the ice driver’s VSI handling. The issue comes from moving netif_queue_set_napi to rtnl-protected sections, since netif_queue_set_napi() could be invoked from ice_vsi_rebuild() without rtnl locking during reset. The recommended fix fills napi-...
CVE-2024-46766 ice: move netif_queue_set_napi to rtnl-protected sections
In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...
CVE-2024-46766 ice: move netif_queue_set_napi to rtnl-protected sections
In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...
CVE-2024-46766
In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...
CVE-2024-46766 ice: move netif_queue_set_napi to rtnl-protected sections
In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...
CVE-2024-46765 ice: protect XDP configuration with a mutex
In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in icexdp is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same...
CVE-2024-46765 ice: protect XDP configuration with a mutex
In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in icexdp is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same...
CVE-2024-46678
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
CVE-2024-46678 bonding: change ipsec_lock from spin lock to mutex
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
CVE-2024-46678 bonding: change ipsec_lock from spin lock to mutex
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
CVE-2024-46678
CVE-2024-46678 affects the Linux kernel bonding subsystem. The root cause was ipsec_lock being a spin lock used to protect ipsec_list, but bond’s xfrm operations may sleep, triggering scheduling-while-atomic. The patch changes bond->ipsec_lock from a spin lock to a mutex, ensuring xdo_dev_stat...
CentOS 9 : kernel-5.14.0-505.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-505.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smcpnetcreatepnetidslist Many syzbot report...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2024:2896-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...