2 matches found
UBUNTU-CVE-2024-44946
In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenario is 1. Thread A builds a skb with MSGMORE and sets kcm-seqskb. 2. Thread A resumes building skb from kcm-seqskb but is blocked by...
kernel: missing check in can/bcm and can/raw socket releases
The bcmrelease function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted release operation...