CVE-2024-56658

CVE-2024-56658 affects the Linux kernel (net subsystem). The issue is a slab-use-after-free in the dst_destroy path triggered when net namespaces dismantle, specifically around xfrm6_net_init()/xfrm4_net_init() where copied dst_ops templates in net→xfrm can be freed before dst callbacks finish. T...

CVE-2024-56658 net: defer final 'struct net' free in netns dismantle

In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dstdestroy 1 Issue is in xfrm6netinit and xfrm4netinit : They copy xfrm46dstopstemplate into net-xfrm.xfrm46dstops. But net structure...

Kernel update: Virtuozzo ReadyKernel patch 61.0 for Virtuozzo 7.0.4 to 7.0.7 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo 7.0.4 to 7.0.7 HF3. Vulnerability id: PSBM-88561 It was found that the implementation of ploop did not handle errors reported by kthreadcreate properly. This could lead to a kernel crash in...

Kernel update: Virtuozzo ReadyKernel patch 61.0 for Virtuozzo 7.0.8 and 7.0.8 HF1

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo 7.0.8 and 7.0.8 HF1. Vulnerability id: PSBM-87836 It was discovered that a container with NFS mounts could keep the files /var/lib/nfs/rpcpipefs/nfs/clntX open, even if no NFS server was...