Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Failure to set the “dormant flag” on the hook register. We need to set the “dormant flag” again if we fail to register the hooks. During memory pressure, hook registration can fail, resulting in a table being...

netfilter: nf_tables: don't unregister hook when table is dormant

...

kernel: netfilter: nf_tables: set dormant flag on hook register failure

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active...

UBUNTU-CVE-2024-50130

In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in nfunregisternethook+0x640/0x6b0 Read of size 8 at addr ffff8880106fe400 by task repro/72= bpfnflinkrelease+0xda/0x1e0 bpflinkfree+0x139/0x2d0...

DEBIAN-CVE-2024-36005

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: honor table dormant flag from netdev release event path Check for table dormant flag otherwise netdev release event path tries to unregister an already unregistered hook. 524854.857999 ------------ cut here...

UBUNTU-CVE-2024-36005

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: honor table dormant flag from netdev release event path Check for table dormant flag otherwise netdev release event path tries to unregister an already unregistered hook. 524854.857999 ------------ cut here...

CVE-2024-36005 netfilter: nf_tables: honor table dormant flag from netdev release event path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: honor table dormant flag from netdev release event path Check for table dormant flag otherwise netdev release event path tries to unregister an already unregistered hook. 524854.857999 ------------ cut here...