CVE-2022-49649

CVE-2022-49649 affects the Linux kernel under xen_netback, where xenvif_rx_next_skb() can be called with an empty RX queue during repeated iterations in xenvif_rx_action(), risking a kernel NULL pointer dereference. The provided crash trace centers on xenvif_rx_skb() and the related netback loop....

CVE-2022-49649 xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue

In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvifrxnextskb with an empty rx queue xenvifrxnextskb is expecting the rx queue not being empty, but in case the loop in xenvifrxaction is doing multiple iterations, the availability of another skb in...

CVE-2022-49649 xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue

In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvifrxnextskb with an empty rx queue xenvifrxnextskb is expecting the rx queue not being empty, but in case the loop in xenvifrxaction is doing multiple iterations, the availability of another skb in...

CVE-2022-49096 net: sfc: add missing xdp queue reinitialization

In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDPTX or XDPREDIRECT. When tx/rx ring buffer size is changedethtool -G, sfc driver reallocates and...

CVE-2022-49093 skbuff: fix coalescing for page_pool fragment recycling

In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool with page fragments. We encountered this problem during normal RX in the hns3 driver: 1 Initially we have three descriptors in the RX...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Packets are queued in the IRQ handler instead of being disabled during the BH handling process. Currently, the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction in the softir...

CVE-2024-57933

In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...

CVE-2021-47562 ice: fix vsi->txq_map sizing

In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi-txqmap's size is equal t...

CVE-2024-35834

In the Linux kernel, the following vulnerability has been resolved: xsk: recycle buffer in case Rx queue was full Add missing xskbufffree call when xskrcvzc failed to produce descriptor to XSK Rx queue...

DEBIAN-CVE-2024-35834

In the Linux kernel, the following vulnerability has been resolved: xsk: recycle buffer in case Rx queue was full Add missing xskbufffree call when xskrcvzc failed to produce descriptor to XSK Rx queue...

CVE-2024-35834

In the Linux kernel, the following vulnerability has been resolved: xsk: recycle buffer in case Rx queue was full Add missing xskbufffree call when xskrcvzc failed to produce descriptor to XSK Rx queue...

CVE-2024-35834 xsk: recycle buffer in case Rx queue was full

In the Linux kernel, the following vulnerability has been resolved: xsk: recycle buffer in case Rx queue was full Add missing xskbufffree call when xskrcvzc failed to produce descriptor to XSK Rx queue...

CVE-2024-35834 xsk: recycle buffer in case Rx queue was full

In the Linux kernel, the following vulnerability has been resolved: xsk: recycle buffer in case Rx queue was full Add missing xskbufffree call when xskrcvzc failed to produce descriptor to XSK Rx queue...

DEBIAN-CVE-2024-27431

In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdprxqinfo data structure being used in the xdpbuff that backs the XDP...

UBUNTU-CVE-2024-27431

In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdprxqinfo data structure being used in the xdpbuff that backs the XDP...

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

UBUNTU-CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

CVE-2021-47024 vsock/virtio: free queued packets when closing socket

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...