GSD-2022-1008247 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network

ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...

GSD-2022-1008204 ntfs: check overflow when iterating ATTR_RECORDs

ntfs: check overflow when iterating ATTRRECORDs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...

PT-2022-36489 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2022-36469 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue concerns the macvlan component, where a consistent minimal MTU is not enforced. This is an automated ID intended to aid in discovery of potential security vulnerabilities, and th...

PT-2022-36505 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to a potential panic on frag list with mixed head alloc types in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations:...

PT-2022-36462 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to the 9p/trans fd file, where it does not always use O NONBLOCK for read/write operations. The actual impact and attack plausibility have not yet been proven...

PT-2022-36463 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: A potential security issue has been identified in the Linux Kernel, specifically in the gfs2 module, related to the handling of the superblock. The actual impact and attack plausibility ha...

PT-2022-36481 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to close race conditions on sk receive queue. The actual impact and attack plausibility have not yet been proven. It was introduced in version v4.6 and fixed in Linux...

PT-2022-36475 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to a possible memory leak in the iio sysfs trig init function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...