CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

UBUNTU-CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

kernel: bpf: reject unhashed sockets in bpf_sk_assign

A reference counting flaw was found in the Linux kernel's BPF socket assignment helper when handling unhashed UDP sockets. When a BPF program assigns an unhashed UDP socket to a packet, the function increments the socket reference count assuming SOCKRCUFREE isn't set. However, subsequent bind or...

kernel: denial of service in tipc_conn_close

A data race flaw was found in the Linux kernel, between where con is allocated and con-sock is set. This issue leads to a NULL pointer dereference when accessing con-sock-sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel...