5 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nfc: llcp: fixed unsafe copies in nfcllcpsetsockopt syzbot reported unsafe calls to copyfromsockptr 1 Use copysafefromsockptr instead. 1 BUG: KASAN: out-of-bounds access in copyfromsockptroffset include/linux/sockptr.h:49 inli...
nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies
...
CLSA-2024-1730479456 Fix CVE(s): CVE-2024-32020
SECURITY UPDATE: When performing a local clone of a repository we end up either copying or hardlinking the source repository into the target repository. - debian/patches/CVE-2024-32020.patch: builtin/clone: refuse local clones of unsafe repositories - CVE-2024-32020...
CVE-2024-36915
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: fix nfcllcpsetsockopt unsafe copies syzbot reported unsafe calls to copyfromsockptr 1 Use copysafefromsockptr instead. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset include/linux/sockptr.h:49 inline BUG:...
CVE-2024-36915
CVE-2024-36915 concerns the Linux kernel’s NFC LLCP path where nfc_llcp_setsockopt() could unsafe-copy from user-supplied sockptr data, triggering a slab-out-of-bounds read. Symptom traces show reads of 4 bytes at a user task, linked to copy_from_sockptr() and inline copy_from_sockptr_offset; the...