SUSE CVE-2022-49207

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down operation we may enqueue data on the ingress msg queue while tear down is trying to free it. sk1 redirect sk2 sk2 -------------------...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Allow deletion from sockmap/sockhash only if updating is allowed. We have received a surge in reports from syzkaller instances where a BPF program attached to a tracepoint triggered a locking rule violation by performing a...

CVE-2025-21683 bpf: Fix bpf_sk_select_reuseport() memory leak

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...

bpf, sockmap: Several fixes to bpf_msg_pop_data

...

DEBIAN-CVE-2024-56664

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition issue between element substitution and closure in the bpf, sockmap subsystem...

CVE-2024-53091 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

In the Linux kernel, the following vulnerability has been resolved: bpf: Add skisinet and ISICSK check in tlsswhasctxtx/rx As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have...

CVE-2024-50260 sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()

In the Linux kernel, the following vulnerability has been resolved: sockmap: fix a NULL pointer dereference in sockmaplinkupdateprog The following race condition could trigger a NULL pointer dereference: sockmaplinkdetach: sockmaplinkupdateprog: mutexlock&sockmapmutex; ... sockmaplink-map = NULL;...

CVE-2024-47710

...

SUSE CVE-2024-47710

In the Linux kernel, the following vulnerability has been resolved: sockmap: Add a condresched in sockhashfree Several syzbot soft lockup reports all have in common sockhashfree If a map with a large number of buckets is destroyed, we need to yield the cpu when needed...

AZL-51213 CVE-2024-47710 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: sockmap: Add a condresched in sockhashfree Several syzbot soft lockup reports all have in common sockhashfree If a map with a large number of buckets is destroyed, we need to yield the cpu when needed...

kernel: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Don't let sockmapclose,destroy,unhash call itself sockmap proto callbacks should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stack overflow in favor of...

bpf: Allow delete from sockmap/sockhash only if update is allowed

...

SUSE CVE-2024-39500

In the Linux kernel, the following vulnerability has been resolved: sockmap: avoid race between sockmapclose and skpsockput skpsockget will return NULL if the refcount of psock has gone to 0, which will happen when the last call of skpsockput is done. However, skpsockdrop may not have finished ye...

CVE-2024-39500

In the Linux kernel, the following vulnerability has been resolved: sockmap: avoid race between sockmapclose and skpsockput skpsockget will return NULL if the refcount of psock has gone to 0, which will happen when the last call of skpsockput is done. However, skpsockdrop may not have finished ye...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between sockmapclose and skpsockput in the sockmap component...

SUSE CVE-2024-38662

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...

DEBIAN-CVE-2024-38662

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...

DEBIAN-CVE-2021-47298

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix potential memory leak on unlikely error case If skblinearize is needed and fails we could leak a msg on the error handling. To fix ensure we kfree the msg block before returning error. Found during code review...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a vulnerability in the bpf, sockmap module...