8 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2024-44986)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44986 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6finishoutpu...
CVE-2024-44986
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6finishoutput2 If skbexpandhead returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcureadlock to make sure the dst and associated idev are alive...
DEBIAN-CVE-2024-44985
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...
CVE-2024-44985
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...
CVE-2024-44986 ipv6: fix possible UAF in ip6_finish_output2()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6finishoutput2 If skbexpandhead returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcureadlock to make sure the dst and associated idev are alive...
CVE-2024-44985 ipv6: prevent possible UAF in ip6_xmit()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...
CVE-2024-44986
CVE-2024-44986 affects the Linux kernel IPv6 path. A use-after-free can occur in ip6_finish_output2() if skb_expand_head() returns NULL, potentially freeing skb and its dst/idev; the code must hold rcu_read_lock() to keep dst/idev alive. The provided connected documents confirm a kernel fix in th...
CVE-2024-44985 ipv6: prevent possible UAF in ip6_xmit()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...