Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wireguard: Receive phase: Annotating the data race in receivecounter.counter. Syzkaller with KCSAN identified a data race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark th...

GHSA-QPV2-RWC8-C993 Netmaker does not verify JWT signatures for host tokens

Netmaker by Gravitl is an open-source WireGuard-based networking platform for creating and managing virtual overlay networks. The VerifyHostToken function in logic/jwts.go does not validate the JWT signature when verifying host tokens. After calling jwt.ParseWithClaims, the function only checks...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr...

CVE-2024-26861

In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receivingcounter.counter Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the data rac...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr...