Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

The fix for XSA-423 added logic to the Linux’s netback driver to handle cases where a packet is split by a frontend, resulting in not all of the headers being together in one piece. Unfortunately, the introduced logic did not account for the extreme case where the entire packet is split into as...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6441-3)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6441-3 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a...

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6446-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6446-3 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...

Ubuntu 22.04 LTS : Linux kernel (StarFive) vulnerabilities (USN-6444-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6444-2 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-6439-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6439-1 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6441-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6441-1 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3988-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3988-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3971-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3971-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...

CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

Buffer overflow

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319

CVE-2023-34319 is a Linux kernel netback driver buffer overrun caused by an edge case where an entire packet is fragmented into the maximum pieces yet remains smaller than the area that preserves all headers together, after the XSA-423 fix. Exploitation could enable local denial-of-service or ins...

CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319 Linux: buffer overrun in netback due to unusual packet

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6343-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6343-1 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

Fedora 37 : kernel (2023-638681260a)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-638681260a advisory. The 6.4.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

Fedora 38 : kernel (2023-ddfd3073b3)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ddfd3073b3 advisory. The 6.4.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

[SECURITY] [DLA 3244-1] linux-5.10 security update

Debian LTS Advisory DLA-3244-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings December 20, 2022 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.158-2deb10u1 CVE ID : CVE-2021-3759 CVE-2022-3169 CVE-2022-3435 CVE-2022-3521 CVE-2022-3524 CVE-2022-3564...