8 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
A flaw was discovered in the Linux kernel’s Layer 2 Tunneling Protocol L2TP. Clearing the skuserdata can result in a race condition and NULL pointer dereferencing. A local user could exploit this flaw to potentially crash the system, causing a denial of service...
CVE-2023-54142
In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in gtpencapdestroy. syzkaller reported use-after-free in gtpencapdestroy. 0 It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 "gtp: fix suspicious RCU usage" added locksock a...
kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol L2TP. A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service...
NULL Pointer Dereference
linux-azure is vulnerable to NULL Pointer Dereference. A missing lock when clearing 'skuserdata' can lead to the vulnerability causing a potential denial of service...
GSD-2023-1001610 net/tunnel: wait until all sk_user_data reader finish before releasing the sock
net/tunnel: wait until all skuserdata reader finish before releasing the sock This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...
GSD-2023-1001426 net/tunnel: wait until all sk_user_data reader finish before releasing the sock
net/tunnel: wait until all skuserdata reader finish before releasing the sock This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commi...
GSD-2023-1001119 net/tunnel: wait until all sk_user_data reader finish before releasing the sock
net/tunnel: wait until all skuserdata reader finish before releasing the sock This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
DEBIAN-CVE-2022-4129
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol L2TP. A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service...