kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4,6outbound Raw packet from PFPACKET socket ontop of an IPv6-backed ipvlan device will hit WARNONONCE in skmcloop through schdirectxmit path. WARNING: CPU: 2 PID: 0 at net/core/sock.c:775...

kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4,6outbound Raw packet from PFPACKET socket ontop of an IPv6-backed ipvlan device will hit WARNONONCE in skmcloop through schdirectxmit path. WARNING: CPU: 2 PID: 0 at net/core/sock.c:775...

SUSE CVE-2023-52887

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: enhanced error handling for tightly received RTS messages in xtprxrtssessionnew This patch enhances error handling in scenarios with RTS Request to Send messages arriving closely. It replaces the less informative...

SUSE CVE-2024-41043

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: drop bogus WARNON Happens when rules get flushed/deleted while packet is out, so remove this WARNON. This WARN exists in one form or another since v4.14, no need to backport this to older releases, henc...

CVE-2024-42146

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add outer runtimepm protection to xelivektest@xedmabuf Any kunit doing any memory access should get their own runtimepm outer references since they don't use the standard driver API entries. In special this dmabuf from th...

CVE-2024-42146 drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add outer runtimepm protection to xelivektest@xedmabuf Any kunit doing any memory access should get their own runtimepm outer references since they don't use the standard driver API entries. In special this dmabuf from th...

CVE-2024-42146 drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add outer runtimepm protection to xelivektest@xedmabuf Any kunit doing any memory access should get their own runtimepm outer references since they don't use the standard driver API entries. In special this dmabuf from th...

AZL-47148 CVE-2024-42082 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN from xdpregmemmodel syzkaller reports a warning in xdpregmemmodel. The warning occurs only if memidinithashtable returns an error. It returns the error in two cases: 1. memory allocation fails; 2. rhashtableinit...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from packets remaining external when a rule is flushed or removed, so this WARNON should be removed...

PT-2024-29223 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to v4.14 Description: The issue occurs in the netfilter component of the Linux kernel, specifically in the nfnetlink queue module. It happens when rules are flushed or deleted while a packet is being processed,...

SUSE CVE-2024-40938

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix dparent walk The WARNONONCE in collectdomainaccesses can be triggered when trying to link a root mount point. This cannot work in practice because this directory is mounted, but the VFS check is done after the call ...

SUSE CVE-2024-40996

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskbpullreason syzkaller builds CONFIGDEBUGNET=y frequently trigger a debug hint in pskbmaypull. We'd like to retain this debug check because it might hint at integer overflows and other issues kernel code...

SUSE CVE-2024-39509

In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...

DEBIAN-CVE-2024-40938

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix dparent walk The WARNONONCE in collectdomainaccesses can be triggered when trying to link a root mount point. This cannot work in practice because this directory is mounted, but the VFS check is done after the call ...

DEBIAN-CVE-2024-40909

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpflinkfree After commit 1a80dbcb2dba, bpflink can be freed by link-ops-deallocdeferred, but the code still tests and uses link-ops-dealloc afterward, which leads to a use-after-free as...

DEBIAN-CVE-2024-39509

In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...

UBUNTU-CVE-2024-40996

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskbpullreason syzkaller builds CONFIGDEBUGNET=y frequently trigger a debug hint in pskbmaypull. We'd like to retain this debug check because it might hint at integer overflows and other issues kernel code...

UBUNTU-CVE-2024-39509

In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...

UBUNTU-CVE-2024-40950

In the Linux kernel, the following vulnerability has been resolved: mm: hugememory: fix misused mappinglargefoliosupport for anon folios When I did a large folios split test, a WARNING " 5059.122759 T166 Cannot split file folio to non-0 order" was triggered. But the test cases are only for anonmo...

UBUNTU-CVE-2024-40909

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpflinkfree After commit 1a80dbcb2dba, bpflink can be freed by link-ops-deallocdeferred, but the code still tests and uses link-ops-dealloc afterward, which leads to a use-after-free as...