954 matches found
CVE-2021-46954
In the Linux kernel, the following vulnerability has been resolved: net/sched: schfrag: fix stack OOB read while fragmenting IPv4 packets when 'actmirred' tries to fragment IPv4 packets that had been previously re-assembled using 'actct', splats like the following can be observed on kernels built...
CVE-2021-46954 net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets
In the Linux kernel, the following vulnerability has been resolved: net/sched: schfrag: fix stack OOB read while fragmenting IPv4 packets when 'actmirred' tries to fragment IPv4 packets that had been previously re-assembled using 'actct', splats like the following can be observed on kernels built...
CVE-2021-46937
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'targetids' file write callback 'dbgfstargetidswrite', but decreases the...
CVE-2021-46937
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'targetids' file write callback 'dbgfstargetidswrite', but decreases the...
CVE-2021-46937
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'targetids' file write callback 'dbgfstargetidswrite', but decreases the...
DEBIAN-CVE-2021-46937
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'targetids' file write callback 'dbgfstargetidswrite', but decreases the...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'targetids' file write callback 'dbgfstargetidswrite', but decreases the...
CVE-2021-46937 mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()'
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'targetids' file write callback 'dbgfstargetidswrite', but decreases the...
CVE-2021-46937 mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()'
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'targetids' file write callback 'dbgfstargetidswrite', but decreases the...
CVE-2021-46937
The connected Nessus entry confirms CVE-2021-46937 affects the Linux kernel DAMON debugfs interface: repeated writes to the target_ids file increase pid reference counts without corresponding decreases, causing a memory leak of struct pid. The issue is fixed by a kernel patch that decrements PID ...
CVE-2021-46936 net: fix use-after-free in tw_timer_handler
In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in twtimerhandler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7e6fe63067 PMD f51e064067 PTE 0...
CVE-2021-46931 net/mlx5e: Wrap the tx reporter dump callback to extract the sq
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46912 net: Make tcp_allowed_congestion_control readonly in non-init netns
In the Linux kernel, the following vulnerability has been resolved: net: Make tcpallowedcongestioncontrol readonly in non-init netns Currently, tcpallowedcongestioncontrol is global and writable; writing to it in any net namespace will leak into all other net namespaces...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. The Linux kernel suffers from a security vulnerability that stems from the fact that the function mlx5etxreporterdumpsq converts its void argument to struct mlx5etxqsq , but in the TX-timeout-recover...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel due to a leak in the struct pid parameter of the dbgfstargetidswrite function...
CVE-2023-52474
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGESIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs where an iovec other th...
CVE-2024-26592
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbdtcpnewconnection The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on struct tcptransport in ksmbdtcpnewconnection function...
CVE-2024-26592 ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbdtcpnewconnection The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on struct tcptransport in ksmbdtcpnewconnection function...
CVE-2024-26592
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbdtcpnewconnection The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on struct tcptransport in ksmbdtcpnewconnection function...
CVE-2023-52429
dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount...