CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

OESA-2024-1835 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadgets null ptr deref on 10gbps cabling. This avoids a null pointer dereference in...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a random segment error in the parisc architecture...

SUSE CVE-2024-39490

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing skbuff release in seg6inputcore The seg6input function is responsible for adding the SRH into a packet, delegating the operation to the seg6inputcore. This function uses the skbcowhead to ensure that there i...

CVE-2024-39555

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service DoS. Continued recei...

CVE-2024-39555

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service DoS. Continued recei...

CVE-2024-39555 Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP update causes the session to reset

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service DoS. Continued recei...

CVE-2024-39555

Summary of vulnerability (CVE-2024-39555): Juniper Networks Junos OS and Junos OS Evolved RPD mishandles certain malformed BGP Update messages when segment routing is enabled, causing session resets and potential DoS. A remote attacker must have at least one established BGP session; affected are ...

DEBIAN-CVE-2024-39489

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6hmacinitalgo seg6hmacinitalgo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms. Update seg6hmacexit to only free the memory...

DEBIAN-CVE-2024-39490

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing skbuff release in seg6inputcore The seg6input function is responsible for adding the SRH into a packet, delegating the operation to the seg6inputcore. This function uses the skbcowhead to ensure that there i...

UBUNTU-CVE-2024-39490

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing skbuff release in seg6inputcore The seg6input function is responsible for adding the SRH into a packet, delegating the operation to the seg6inputcore. This function uses the skbcowhead to ensure that there i...

PT-2024-29801 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from a change in how the maximum segment size is handled, specifically in the sdhci component. The function blk queue max segment size ensures that the maximum size is...

PT-2024-32172

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel, where the lwt seg6 related BPF ops can be invoked via bpf test run without entering input action end bpf first. This is because the per-CPU...

kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref

A use-after-free flaw was found in the Linux kernel’s IPv6 protocol functionality. This flaw allows a local user to potentially crash the system...

kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment

A flaw was found in the Linux kernel's mlx5 InfiniBand driver. Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability...

kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment

A flaw was found in the Linux kernel's mlx5 InfiniBand driver. Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability...

RDMA/mlx5: Fix fortify source warning while accessing Eth segment

...

DEBIAN-CVE-2024-37078

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in the folio/page writeback start routine or writeback end routine...

UBUNTU-CVE-2024-37078

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in the folio/page writeback start routine or writeback end routine...

PT-2024-5567 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S8 Junos OS versions from 22.2 before 22.2R3-S4 Junos OS versions from 22.3 before 22.3R3-S3 Junos OS versions from 22.4 before 22.4R3-S3 Junos OS versions from 23.2 before 23.2R2-S1 Junos OS versions from 23...