57 matches found
CVE-2023-52435
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...
CVE-2023-52435 net: prevent mss overflow in skb_segment()
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...
CVE-2023-52435
CVE-2023-52435 affects the Linux kernel’s net/ skb_segment() and can overflow MSS when computing mss = mss * partial_segs, risking a crash (e.g., GSO_BY_FRAGS) and triggering NULL pointer dereferences in some traces. The fix adds a guard to ensure the new MSS is smaller than GSO_BY_FRAGS, prevent...
CVE-2023-52435 net: prevent mss overflow in skb_segment()
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...
CVE-2023-52435 net: prevent mss overflow in skb_segment()
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...
CVE-2023-52435
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...
kernel: net: gso: fix panic on frag_list with mixed head alloc types
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix panic on fraglist with mixed head alloc types Since commit 3dcbdb134f32 "net: gso: Fix skbsegment splat when splitting gsosize mangled skb having linear-headed fraglist", it is allowed to change gsosize of a GRO...
K15699: Linux kernel vulnerability CVE-2014-0131
Security Advisory Description Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. CVE-2014-0131 Impact...
Linux kernel skb_segment函数释放后使用漏洞
CVE ID:CVE-2014-0131 Linux kernel是一款开源的操作系统。 Linux kernel skbsegment函数net/core/skbuff.c存在释放后使用漏洞,允许攻击者利用漏洞获取内核内存敏感信息。 0 Linux kernel 3.13.6 用户可参考厂商的GIT库以获得补丁修复此漏洞: https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f...
CVE-2014-0131
Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...
DEBIAN-CVE-2014-0131
Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...
Design/Logic Flaw
Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...
CVE-2014-0131
Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...
CVE-2014-0131
CVE-2014-0131 affects the Linux kernel up to version 3.13.6. The vulnerability is a use-after-free in the skb_segment function within net/core/skbuff.c caused by the absence of a certain orphaning operation. Exploitation details are not provided in the supplied documents. The impact is that an at...
CVE-2014-0131
Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...
UBUNTU-CVE-2014-0131
Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...