CVE-2021-46936

In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in twtimerhandler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7e6fe63067 PMD f51e064067 PTE 0...

UBUNTU-CVE-2021-46936

In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in twtimerhandler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7e6fe63067 PMD f51e064067 PTE 0...

Linux kernel security vulnerabilities

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from a reuse-after-release vulnerability in twtimerhandler...

SUSE SLES15 Security Update : kernel RT (Live Patch 17 for SLE 15 SP4) (SUSE-SU-2024:0339-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0339-1 advisory. - A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition ca...

Important: kernel-livepatch-4.14.327-246.539

Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...

PT-2024-20330 · Unknown · Mediaserver

Name of the Vulnerable Software and Affected Versions: media-server version 1.0.0 Description: A Use-After-Free UAF issue was discovered in the sip uac stop timer function. This issue is related to the /uac/sip-uac-transaction.c file. Recommendations: For media-server version 1.0.0, consider...

kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...

It was discovered that when exec'ing from a non-leader thread armed POSIX CPU timers would be left on a list but freed leading to a use-after-free.

...

CVE-2024-0562

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...

Design/Logic Flaw

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...

OESA-2024-1030 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: openeuler-linux-kernel-4.19.0-cbsdestroy-NULL-ptr-deref-391216CVE-2021-33630 openeuler-linux-kernel-5.10.149-ext4writeinlinedata-kernelbug-365020CVE-2021-33631 An out-of-bounds read vulnerability was found in the NVMe-oF/TCP...

CVE-2022-2585

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free...

CVE-2023-28583

Memory corruption when IPv6 prefix timer objects lifetime expires which are created while Netmgr daemon gets an IPv6 address...

Memory corruption

Memory corruption when IPv6 prefix timer objects lifetime expires which are created while Netmgr daemon gets an IPv6 address...

CVE-2023-28583 Double Free in Data Network Stack & Connectivity

Memory corruption when IPv6 prefix timer objects lifetime expires which are created while Netmgr daemon gets an IPv6 address...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when the life cycle of an IPv6 Prefix Timer object, which is created when the Netmgr daemon obtains an IPv6 address,...

PT-2024-12172 · Unknown · Netmgr Daemon

Name of the Vulnerable Software and Affected Versions: Netmgr daemon affected versions not specified Description: The issue is related to memory corruption that occurs when the lifetime of IPv6 prefix timer objects expires. These objects are created while the Netmgr daemon is obtaining an IPv6...

CVE-2023-6932

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...

AZL-32263 CVE-2023-6932 affecting package kernel for versions less than 5.15.143.1-1

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...

Race condition

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...