4 matches found
CVE-2024-27402
CVE-2024-27402 affects the Linux kernel’s phonet/pep path. The description states a race in skb_queue_empty() is mishandled: receive queues are protected by their spin-locks, not the socket lock, which can cause skb_peek() to return NULL or a pointer to a socket buffer that has already been deque...
CVE-2024-27402 phonet/pep: fix racy skb_queue_empty() use
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skbqueueempty use The receive queues are protected by their respective spin-lock, not the socket lock. This could lead to skbpeek unexpectedly returning NULL or a pointer to an already dequeued socket buffer...
CVE-2024-27402
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skbqueueempty use The receive queues are protected by their respective spin-lock, not the socket lock. This could lead to skbpeek unexpectedly returning NULL or a pointer to an already dequeued socket buffer...
CVE-2024-26752
CVE-2024-26752 affects the Linux kernel L2TP/IP6 path: a miscalculated ulen in l2tp_ip6_sendmsg (ulen = len + skb_queue_empty(...) ? transhdrlen : 0) due to operator precedence caused incorrect transport-header accounting, leading to corrupted packets on the wire. The fix adds parentheses to alig...