9 matches found
CVE-2022-49814
In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...
kernel: Bluetooth: af_bluetooth: Fix deadlock
A flaw was found in the Linux kernel’s Bluetooth subsystem, specifically within the afbluetooth module. The issue arises when attempting to perform a socklock on the .recvmsg method, leading to a deadlock situation. In this scenario, multiple tasks wait indefinitely for a resource, causing...
CVE-2024-36972
In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...
CVE-2024-36972
In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...
CVE-2024-36972 af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock.
In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...
CVE-2024-36972 af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock.
In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...
GSD-2022-1008291 kcm: close race conditions on sk_receive_queue
kcm: close race conditions on skreceivequeue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.300 by commit...
GSD-2022-1008146 kcm: close race conditions on sk_receive_queue
kcm: close race conditions on skreceivequeue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...
GSD-2022-1008044 kcm: close race conditions on sk_receive_queue
kcm: close race conditions on skreceivequeue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...