CVE-2024-43878

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix input error path memory access When there is a misconfiguration of input state slow path KASAN report error. Fix this error. west login: 52.987278 eth1: renamed from veth11 53.078814 eth1: renamed from veth21 53.181355...

CVE-2021-47309

A vulnerability was found in the Linux kernel's networking component, where the skbtunnelinfo function can return unvalidated data. This issue arises because the function does not check the type of lwtstate-data before using it, which could lead to accessing incompatible data types and cause memo...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309

CVE-2021-47309 affects the Linux kernel's net/tunnel code: skb_tunnel_info() may return a pointer to lwtstate->data without validating its type, risking out-of-bounds reads such as during VXLAN routing. Connected advisories (SUSE-SU-2024:2561-1 and related OSV/Nessus entries) confirm the fix i...