17 matches found
mptcp: move subflow cleanup in mptcp_destroy_common()
...
EUVD-2022-55340
Malicious code in bioql PyPI...
EUVD-2022-54564
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-53072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization...
SUSE CVE-2022-50071
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
CVE-2022-50071
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
DEBIAN-CVE-2022-50071
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
UBUNTU-CVE-2022-50071
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
CVE-2022-50071
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
CVE-2022-50071
The CVE-2022-50071 issue affects the Linux kernel’s MPTCP implementation. The vulnerability arises when socket creation fails due to a CGROUP_INET_SOCK_CREATE eBPF program, causing leakage of subflows because cleanup was not invoked in that code path. The fix moves subflow cleanup into the mptcp_...
CVE-2022-50071 mptcp: move subflow cleanup in mptcp_destroy_common()
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
CVE-2022-50071 mptcp: move subflow cleanup in mptcp_destroy_common()
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a resource leak caused by MPTCP's failure to clean up a subflow when a socket creation fails...
SUSE CVE-2023-53072
In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...
AZL-54209 CVE-2024-53122 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcprcvspaceadjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg spooling data...
kernel: mptcp: fix race on unaccepted mptcp sockets
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race on unaccepted mptcp sockets When the listener socket owning the relevant request is closed, it frees the unaccepted subflows and that causes later deletion of the paired MPTCP sockets. The mptcp socket's worker ca...
GSD-2022-1005159 mptcp: move subflow cleanup in mptcp_destroy_common()
mptcp: move subflow cleanup in mptcpdestroycommon This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...