52 matches found
CVE-2022-50536 bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...
CVE-2022-50536
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...
SUSE CVE-2023-53585
In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...
CVE-2025-39913
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork. syzbot reported the splat below. 0 The repro does the following: 1. Load a skmsg prog that calls bpfmsgcorkbytesmsg, corkbytes 2. Attach the prog to a...
CVE-2022-50259
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...
CVE-2022-50259 bpf, sockmap: fix race in sock_map_free()
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...
Linux Distros Unpatched Vulnerability : CVE-2023-52986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of tcpbpfprots when cloning a listener A listening socket linked...
bpf: fix ktls panic with sockmap
...
AZL-64553 CVE-2025-38112 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in skisreadable sk-skprot-sockisreadable is a valid function pointer when sk resides in a sockmap. After the last skpsockput which usually happens when socket is removed from sockmap, sk-skprot gets restored...
kernel: sock_map: avoid race between sock_map_close and sk_psock_put
In the Linux kernel, the following vulnerability has been resolved: sockmap: avoid race between sockmapclose and skpsockput skpsockget will return NULL if the refcount of psock has gone to 0, which will happen when the last call of skpsockput is done. However, skpsockdrop may not have finished ye...
kernel: sock_map: Add a cond_resched() in sock_hash_free()
In the Linux kernel, the following vulnerability has been resolved: sockmap: Add a condresched in sockhashfree Several syzbot soft lockup reports all have in common sockhashfree If a map with a large number of buckets is destroyed, we need to yield the cpu when needed...
CVE-2022-49877
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix the sk-skforwardalloc warning of skstreamkillqueues When running testsockmap selftests, the following warning appears: WARNING: CPU: 2 PID: 197 at net/core/stream.c:205 skstreamkillqueues+0xd3/0xf0 Call Trace:...
UBUNTU-CVE-2025-21854
In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...
SUSE CVE-2022-49207
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down operation we may enqueue data on the ingress msg queue while tear down is trying to free it. sk1 redirect sk2 sk2 -------------------...
bpf, sockmap: Several fixes to bpf_msg_pop_data
...
DEBIAN-CVE-2024-56664
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition issue between element substitution and closure in the bpf, sockmap subsystem...
CVE-2024-53091 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx
In the Linux kernel, the following vulnerability has been resolved: bpf: Add skisinet and ISICSK check in tlsswhasctxtx/rx As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have...
CVE-2024-50260 sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()
In the Linux kernel, the following vulnerability has been resolved: sockmap: fix a NULL pointer dereference in sockmaplinkupdateprog The following race condition could trigger a NULL pointer dereference: sockmaplinkdetach: sockmaplinkupdateprog: mutexlock&sockmapmutex; ... sockmaplink-map = NULL;...
CVE-2024-47710
...