954 matches found
gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...
gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42080
In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Fix potential invalid address access struct rdmarestrackentry's kernname was set to KBUILDMODNAME in ibcreatecq, while if the module exited but forgot del this rdmarestrackentry, it would cause a invalid address...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
UBUNTU-CVE-2024-42151
In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpfdummystructops.test1 parameter as nullable Test case dummystops/dummyinitretvalue passes NULL as the first parameter of the test1 function. Mark this parameter as nullable to make verifier aware of such possibility...
CVE-2024-42148 bnx2x: Fix multiple UBSAN array-index-out-of-bounds
In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equal to FPSBMAXE1x...
CVE-2024-42106
CVE-2024-42106 : In the Linux kernel, the inet_diag path for raw sockets could read an uninitialized pad field in inet_diag_req_v2 when converting inet_diag_req to v2, leading to uninitialized reads in raw_lookup(). The root cause is that inet_diag_get_exact_compat() and inet_diag_dump_compat() d...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-41094
In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only set smemstart is enable per module option Only export struct fbinfo.fix.smemstart if that is required by the user and the memory does not come from vmalloc. Setting struct fbinfo.fix.smemstart breaks systems...
CVE-2024-41094 drm/fbdev-dma: Only set smem_start is enable per module option
In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only set smemstart is enable per module option Only export struct fbinfo.fix.smemstart if that is required by the user and the memory does not come from vmalloc. Setting struct fbinfo.fix.smemstart breaks systems...
AZL-57740 CVE-2024-41023 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix taskstruct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak concerning the...
DEBIAN-CVE-2024-41023
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix taskstruct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak concerning the...
UBUNTU-CVE-2024-41023
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix taskstruct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak concerning the...
gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...
CVE-2022-48779
A flaw was found in the Linux kernel in the net ocelot driver, which involved a use-after-free issue in the ocelotvlandel function. The flaw occurred when the ocelotvlanmemberdel function freed the struct ocelotbridgevlan, still referenced by the port's Primary VLAN ID PVID. Mitigation Mitigation...
CVE-2024-40954
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...