19 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: TCP: TX zerocopy should not access the pfmemalloc status. We received a recent syzbot report 1 indicating a possible misuse of the page status in TCP zerocopy paths. Indeed, for pages originating from user space or other layers,...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Add sanity checks to rx zerocopy The purpose of TCP rx zerocopy is to map pages initially allocated by NIC drivers, not pages owned by a file system. This patch adds additional checks to canmapfrag: - The page must not be a...
SUSE CVE-2023-53669
In the Linux kernel, the following vulnerability has been resolved: tcp: fix skbcopyubufs vs BIG TCP David Ahern reported crashes in skbcopyubufs caused by TCP tx zerocopy using hugepages, and skb length bigger than 68 KB. skbcopyubufs assumed it could copy all payload using up to MAXSKBFRAGS...
Linux Distros Unpatched Vulnerability : CVE-2022-48689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing ...
Medium: grpc
Issue Overview: There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission...
OESA-2024-2573 grpc security update
gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed...
AZL-53456 CVE-2024-11407 affecting package grpc for versions less than 1.62.0-4
There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network...
SUSE CVE-2022-48819
In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing sendpage and sendmsgMSGZEROCOPY calls over the same TCP socket would again trigger the infamous warning in inetsockdestruct WARNONskforwardallocgetsk...
SUSE CVE-2022-48689
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
DEBIAN-CVE-2022-48689
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
CVE-2022-48689
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
CVE-2022-48689
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
CVE-2022-48689
CVE-2022-48689 pertains to a Linux kernel issue in TCP zerocopy where pfmemalloc status could be misinterpreted by page_is_pfmemalloc() in certain paths. The Astra Linux note confirms the advisory and reiterates the same vulnerability in the kernel and notes a prereq backport: 84ce071e38a6 (net: ...
CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
CVE-2022-48689
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
DEBIAN-CVE-2024-26640
In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....
PT-2022-34596 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue concerns the tcp TX zerocopy functionality in relation to the pfmemalloc status. It has been noted that this functionality should not sense the pfmemalloc status. The actual impact...