10 matches found
CVE-2024-43887
In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO statickey is the same as the last tcpaoinfo. On the socket destruction tcpaoinfo ceases to be with RCU grace period, while tcp-ao static branch is...
CVE-2024-43887
In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO statickey is the same as the last tcpaoinfo. On the socket destruction tcpaoinfo ceases to be with RCU grace period, while tcp-ao static branch is...
CVE-2024-43887 net/tcp: Disable TCP-AO static key after RCU grace period
In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO statickey is the same as the last tcpaoinfo. On the socket destruction tcpaoinfo ceases to be with RCU grace period, while tcp-ao static branch is...
CVE-2024-43887
The CVE-2024-43887 entry relates to the Linux kernel (net/tcp) TCP-AO static key handling. The vulnerability arises because the lifetime of the TCP-AO static_key is tied to the last tcp_ao_info, and, if an RCU grace period is delayed, a CPU may observe a tcp_ao_info that is about to be deallocate...
CVE-2024-43887
In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO statickey is the same as the last tcpaoinfo. On the socket destruction tcpaoinfo ceases to be with RCU grace period, while tcp-ao static branch is...
CVE-2024-43887 net/tcp: Disable TCP-AO static key after RCU grace period
In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO statickey is the same as the last tcpaoinfo. On the socket destruction tcpaoinfo ceases to be with RCU grace period, while tcp-ao static branch is...
CVE-2024-40985
In the Linux kernel, the following vulnerability has been resolved: net/tcpao: Don't leak aoinfo on error-path It seems I introduced it together with TCPAOCMDFAOREQUIRED, on version 5 1 of TCP-AO patches. Quite frustrative that having all these selftests that I've written, running kmemtest & kcov...
CVE-2024-40985 net/tcp_ao: Don't leak ao_info on error-path
In the Linux kernel, the following vulnerability has been resolved: net/tcpao: Don't leak aoinfo on error-path It seems I introduced it together with TCPAOCMDFAOREQUIRED, on version 5 1 of TCP-AO patches. Quite frustrative that having all these selftests that I've written, running kmemtest & kcov...
CVE-2022-22237
An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity. A vulnerability in the processing of TCP-AO will allow a BGP or LDP peer not configured with authentication to...
CVE-2022-22237 Junos OS: Peers not configured for TCP-AO can establish a BGP or LDP session even if authentication is configured locally
An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity. A vulnerability in the processing of TCP-AO will allow a BGP or LDP peer not configured with authentication to...