25 matches found
CVE-2023-53535
In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid...
CVE-2023-53535 net: bcmgenet: Add a check for oversized packets
In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid...
CVE-2024-56639 net: hsr: must allocate more bytes for RedBox support
In the Linux kernel, the following vulnerability has been resolved: net: hsr: must allocate more bytes for RedBox support Blamed commit forgot to change hsrinitskb to allocate larger skb for RedBox case. Indeed, sendhsrsupervisionframe will add two additional components struct hsrsuptlv and struc...
CVE-2024-43844
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: wow: fix GTK offload H2C skbuff issue We mistakenly put skb too large and that may exceed skb-end. Therefore, we fix it. skbuff: skboverpanic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780...
CVE-2022-48830 can: isotp: fix potential CAN frame reception race in isotp_rcv()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotprcv When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
CVE-2022-48830 can: isotp: fix potential CAN frame reception race in isotp_rcv()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotprcv When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
CVE-2024-35901
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skboverpanic managetrxbufcfg aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skboverpanic. Sample dmesg:...
CVE-2024-35901
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skboverpanic managetrxbufcfg aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skboverpanic. Sample dmesg:...
CVE-2024-35901 net: mana: Fix Rx DMA datasize and skb_over_panic
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skboverpanic managetrxbufcfg aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skboverpanic. Sample dmesg:...
CVE-2024-35901 net: mana: Fix Rx DMA datasize and skb_over_panic
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skboverpanic managetrxbufcfg aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skboverpanic. Sample dmesg:...
CVE-2024-35901
CVE-2024-35901 relates to the Linux kernel mana driver: mana_get_rxbuf_cfg() aligns the RX DMA datasize to a multiple of 64, enabling a packet around MTU+14 (e.g., 1536) to be received and trigger skb_over_panic. The impact is a kernel panic/BUG in net/core/skbuff.c when skb_panic is hit during s...
CVE-2024-35901 net: mana: Fix Rx DMA datasize and skb_over_panic
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skboverpanic managetrxbufcfg aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skboverpanic. Sample dmesg:...
CVE-2023-52611
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611
CVE-2023-52611 (Linux kernel, wifi: rtw88 SDIO): Fixes address skb_over_panic by ensuring the driver can receive more than 1536 bytes from the SDIO card. Root causes include an Amlogic A311D (G12B) SDIO controller hardware bug (DMA transfers blocked; uses SRAM up to 1536 bytes) and rtw88 not spli...
CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2021-43976
In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a denial of service skboverpanic...
Oracle: Security Advisory (ELSA-2014-3087)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...