CVE-2024-42272

In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...

CVE-2023-52843

In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llcrcv on a tun device. Tun can insert packets without mac len and...

CVE-2024-35888

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head syzbot reported a problem in ip6erspanrcv 1 Issue is that ip6erspanrcv and erspanrcv no longer make sure erspanbasehdr is present in skb linear part skb-head before getting...

CVE-2024-26849

In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nlavalidaterangeunsigned lib/nlattr.c:222 inline BUG: KMSAN: uninit-value in nlavalidateintrange lib/nlattr.c:336 inline BUG: KMSAN: uninit-value in...

GSD-2022-1002440 ath9k_htc: fix uninit value bugs

ath9khtc: fix uninit value bugs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.276 by commit e352acdd378e9263cc4c6018e588f2dac7161d07, it...

GSD-2022-1001862 ath9k_htc: fix uninit value bugs

ath9khtc: fix uninit value bugs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit 0b700f7d06492de34964b6f414120043364f8191, it...