DEBIAN-CVE-2021-47519

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo: fix memory leak in error branch In mcanreadfifo, if the second call to mcanfiforead fails, the function jump to the outfail label and returns without calling mcanreceiveskb. This means that the skb...

UBUNTU-CVE-2021-47519

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo: fix memory leak in error branch In mcanreadfifo, if the second call to mcanfiforead fails, the function jump to the outfail label and returns without calling mcanreceiveskb. This means that the skb...

SUSE CVE-2023-52846

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...

SUSE CVE-2021-47301

In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igbpoll runs while the controller is reset this can lead...

SUSE CVE-2021-47302

In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igcpoll runs while the controller is being reset this ca...

kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg

A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause a denial of service condition or potential code execution...

kernel: ip6_vti: fix slab-use-after-free in decode_session6

A use-after-free vulnerability was found in the IPv6 VTI Virtual Tunnel Interface implementation in the Linux kernel. When an IPv6 VTI device uses the SFB Stochastic Fair Blue qdisc, the control block cb field of an skb can be modified during packet enqueuing. The decodesession6 function then rea...

DEBIAN-CVE-2021-47442

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digitalinsendsddreq 'skb' is allocated in digitalinsendsddreq, but not free when digitalinsendcmd failed, which will cause memory leak. Fix it by freeing 'skb' if digitalinsendcmd return...

UBUNTU-CVE-2021-47442

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digitalinsendsddreq 'skb' is allocated in digitalinsendsddreq, but not free when digitalinsendcmd failed, which will cause memory leak. Fix it by freeing 'skb' if digitalinsendcmd return...

DEBIAN-CVE-2023-52845

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...

DEBIAN-CVE-2023-52782

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadata index is put in t...

DEBIAN-CVE-2023-52772

In the Linux kernel, the following vulnerability has been resolved: afunix: fix use-after-free in unixstreamreadactor syzbot reported the following crash 1 After releasing unix socket lock, u-oobskb can be changed by another thread. We must temporarily increase skb refcount to make sure this othe...

UBUNTU-CVE-2023-52772

In the Linux kernel, the following vulnerability has been resolved: afunix: fix use-after-free in unixstreamreadactor syzbot reported the following crash 1 After releasing unix socket lock, u-oobskb can be changed by another thread. We must temporarily increase skb refcount to make sure this othe...

DEBIAN-CVE-2021-47224

In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and efficient way to free the skb buffer when the frame has been transmitted. But in order to avoid...

UBUNTU-CVE-2021-47302

In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igcpoll runs while the controller is being reset this ca...

UBUNTU-CVE-2021-47224

In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and efficient way to free the skb buffer when the frame has been transmitted. But in order to avoid...

SUSE CVE-2024-35856

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Fix double free of skb in coredump hcidevcdappend would free the skb on error so the caller don't have to free it again otherwise it would cause the double free of skb. Reported-by : Dan Carpenter...

SUSE CVE-2024-35933

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintelreadversion If hcicmdsynccomplete is triggered and skb is NULL, then hdev-reqskb is NULL, which will cause this issue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a page leak when building a skb in big mode...

DEBIAN-CVE-2024-35890

In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the stack. In skbsegmentlist those skbs can be reused as-is. This is an issue as their destructor was...