SUSE CVE-2023-53068

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...

CVE-2023-53062

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory conten...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fixed the issue where no check was performed to determine whether skb actually contained an ACL header. Otherwise, the code might attempt to access uninitialized/invalid memory beyond the valid skb-data...

UBUNTU-CVE-2024-56590

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix not checking skb length on hciacldatapacket This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past the valid skb-data...

CVE-2024-56648 net: hsr: avoid potential out-of-bound access in fill_frame_info()

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO

In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...

kernel: net: usb: lan78xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...

SUSE CVE-2024-49938

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly ju...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the afnetlink component's lack of a length check on skb...

SUSE CVE-2021-47013

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emacmactxbufsend In emacmactxbufsend, it calls emactxfilltpd..,skb,... If some error happens in emactxfilltpd, the skb will be freed via devkfreeskbskb in error branch of emactxfilltpd...

DEBIAN-CVE-2021-47013

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emacmactxbufsend In emacmactxbufsend, it calls emactxfilltpd..,skb,... If some error happens in emactxfilltpd, the skb will be freed via devkfreeskbskb in error branch of emactxfilltpd...

SUSE CVE-2022-36946

nfqnlmangle in net/netfilter/nfnetlinkqueue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service panic because, in the case of an nfqueue verdict with a one-byte nftapayload attribute, an skbpull can encounter a negative skb-len...

PT-2024-11115 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use after free issue has been resolved in the Linux kernel. The issue occurs in the emac mac tx buf send function, which calls emac tx fill tpd..,skb,... If an error happens in emac ...

UBUNTU-CVE-2020-0430

In skbheadlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...