SUSE CVE-2022-49275

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcantxhandler: fix use after free of skb canputechoskb will clone skb then free the skb. Move the canputechoskb for the mcan version 3.0.x directly before the start of the xmit in hardware, similar to the 3.1.x branch...

SUSE CVE-2022-49470

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdiorecvevent We should not access skb buffer data anymore after hcirecvframe was called. 39.634809 BUG: KASAN: use-after-free in btmtksdiorecvevent+0x1b0 39.634855 Read of size 1 ...

DEBIAN-CVE-2022-49561

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch conntrack after insertion In case the conntrack is clashing, insertion can free skb-nfct and set skb-nfct to the already-confirmed entry. This wasn't found before because the conntrack entry and the...

UBUNTU-CVE-2022-49275

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcantxhandler: fix use after free of skb canputechoskb will clone skb then free the skb. Move the canputechoskb for the mcan version 3.0.x directly before the start of the xmit in hardware, similar to the 3.1.x branch...

UBUNTU-CVE-2022-49369

In the Linux kernel, the following vulnerability has been resolved: amt: fix possible memory leak in amtrcv If an amt receives packets and it finds socket. If it can't find a socket, it should free a received skb. But it doesn't. So, a memory leak would possibly occur...

UBUNTU-CVE-2022-49230

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible memory leak in mt7915mcuaddsta Free allocated skb in mt7915mcuaddsta routine in case of failures...

DEBIAN-CVE-2022-49153

In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is disabled I got a memory leak report: unreferenced object 0xffff8881191fc040 size 232: comm "kworker/u17:0", pid 23193, jiffies 4295238848 age 3464.870s hex dump first 32 bytes: 00...

DEBIAN-CVE-2022-49066

In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...

UBUNTU-CVE-2022-49066

In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with actmirred, skbheadlen may be 0. But vethxmit calls devforwardskb, which expects at least ETHHLEN byte of linear data as...

UBUNTU-CVE-2022-49084

In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qedebuildskb assumes buildskb always works and goes straight to skbreserve. However, buildskb can fail under memory pressure. This results in a kernel panic because the skb to reserve i...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the amtrcv function not releasing an incoming skb when a socket is not found, potentially leading to a memor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from vethxmit not ensuring that the Ethernet header is in the linear portion of the skb, which could cause the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a segmentation issue when upgrading gsosize. The skb was linearized during the upgrade of gsosize, as this might trigger a BUGON function later on, as described in 1,2...

net: vertexcom: mse102x: Fix possible double free of TX skb

...

octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()

...

UBUNTU-CVE-2024-57902

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangettci vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangettci to not touch skb at all, so that it can be used from many cpus on the same skb. Add a const qualifier...

CVE-2024-57902 af_packet: fix vlan_get_tci() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangettci vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangettci to not touch skb at all, so that it can be used from many cpus on the same skb. Add a const qualifier...

DEBIAN-CVE-2024-56372

In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tunnapiallocfrags syzbot reported the following crash 1 Issue came with the blamed commit. Instead of going through all the iov components, we keep using the first one and end up with a malformed skb. 1 kernel BUG a...

SUSE CVE-2024-56648

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

SUSE CVE-2024-56653

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtkprocesscoredump hcidevcdappend may lead to the release of the skb, so it cannot be accessed once it is called. ================================================================== BUG: KASAN:...