12434 matches found
SUSE CVE-2023-53489
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
SUSE CVE-2023-53496
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
SUSE CVE-2025-39897
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaenginedescgetmetadataptr which can return an error pointer and lead to potential crashes or undefined behaviour if the...
SUSE CVE-2025-39913
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork. syzbot reported the splat below. 0 The repro does the following: 1. Load a skmsg prog that calls bpfmsgcorkbytesmsg, corkbytes 2. Attach the prog to a...
CVE-2023-53496
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
CVE-2023-53489
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
CVE-2023-53466
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915mcuexit Always purge mcu skb queues in mt7915mcuexit routine even if mt7915firmwarestate fails...
CVE-2022-50459
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
UBUNTU-CVE-2023-53466
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915mcuexit Always purge mcu skb queues in mt7915mcuexit routine even if mt7915firmwarestate fails...
UBUNTU-CVE-2022-50459
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
UBUNTU-CVE-2023-53464
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling...
UBUNTU-CVE-2023-53489
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
UBUNTU-CVE-2023-53496
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
CVE-2023-53496 x86/platform/uv: Use alternate source for socket to node data
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
CVE-2023-53496
CVE-2023-53496 – In the Linux kernel, the UV (socketnode lookup) code loops over CPUs to build socket tables; when nr_cpus is less than actual CPUs, cpu_to_node() data for unused CPUs is missing, leading to -1 entries and potential oops. The fix replaces the CPU-loop with a loop over APICIDs mapp...
CVE-2023-53496 x86/platform/uv: Use alternate source for socket to node data
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
CVE-2023-53489 tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
CVE-2023-53489 tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
CVE-2022-50459 scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
CVE-2022-50459
CVE-2022-50459 affects the Linux kernel’s iSCSI TCP path (scsi: iscsi: iscsi_tcp) where a NULL pointer dereference can occur if a socket is freed while accessed via sysfs. Details describe the sequence: sock_hold() on struct sock, then sockfd_put() frees the socket, __sock_release() clears sock-&...