17 matches found
SUSE-SU-2025:4123-1 Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.231 fixes various security issues The following security issues were fixed: - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. - CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. - CVE-2022-49053...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989440)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989440 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987023)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987023 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This...
kernel: net: tun: Fix use-after-free in tun_detach()
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check...
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check...
The vulnerability of the tun_detach() function in the Linux kernel driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the tundetach function in the drivers/net/tun.c file of the Linux kernel’s tun driver is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
CLSA-2024-1731431059 kernel: Fix of 31 CVEs
driver core: bus: Fix double free in driver API busregister CVE-2024-50055 - net: tun: Fix use-after-free in tundetach CVE-2022-49014 - memcg: fix possible use-after-free in memcgwriteeventcontrol CVE-2022-48988 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - drivers: media:...
SUSE CVE-2022-49014
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...
DEBIAN-CVE-2022-49014
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...
UBUNTU-CVE-2022-49014
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...
CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6uncachedlistflushdev Blamed commit accidentally removed a check for rt-rt6iidev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible post-release reuse issue in the net/tun module in the tundetach function...
PT-2023-33159 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue is related to a use-after-free in the tun detach function. The actual impact and attack plausibility have not yet been proven. It was introduced in version v4.17. Recommendations:...
PT-2023-33379 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.226 Description: The issue is related to a use-after-free in the tun detach function. The actual impact and attack plausibility have not yet been proven. It was introduced in version v4.17 and fixed in Linu...
PT-2023-33322 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue is related to a use-after-free in the tun detach function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2023-33250 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.82 Description: The issue is related to a use-after-free in the tun detach function. The actual impact and attack plausibility have not yet been proven. It was introduced in version v4.17 and fixed in Linu...