238 matches found
UBUNTU-CVE-2021-47127
In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...
CVE-2021-47127 ice: track AF_XDP ZC enabled queues in bitmap
In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...
CVE-2021-47127 ice: track AF_XDP ZC enabled queues in bitmap
In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...
SUSE CVE-2024-26611
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...
DEBIAN-CVE-2024-26611
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...
UBUNTU-CVE-2024-26611
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...
UBUNTU-CVE-2021-47105
In the Linux kernel, the following vulnerability has been resolved: ice: xsk: return xsk buffers back to pool when cleaning the ring Currently we only NULL the xdpbuff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can be leaked out of th...
kernel: tcp: fix skb_copy_ubufs() vs BIG TCP
In the Linux kernel, the following vulnerability has been resolved: tcp: fix skbcopyubufs vs BIG TCP David Ahern reported crashes in skbcopyubufs caused by TCP tx zerocopy using hugepages, and skb length bigger than 68 KB. skbcopyubufs assumed it could copy all payload using up to MAXSKBFRAGS...
kernel: ice: xsk: prohibit usage of non-balanced queue id
In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z Above refers to a case where user would like to attach XSK socket in txonly mode at a queue id...
DEBIAN-CVE-2023-1078
A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type confusion leads to struct rdsmsgzcopyinfo info actually points to something...
OESA-2023-1177 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
Exploit for Improper Initialization in Linux Linux_Kernel
CVE-2022-0847 Dirty Pipe linux kernel lifting analysis toc...
PT-2021-8134 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to errors in security settings of the xsk component in the Linux kernel. Exploitation of this issue may allow an attacker to execute arbitrary code and elevate the...
PT-2024-11178 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc2+ 45 Description: A vulnerability in the Linux kernel has been resolved, which was introduced by a commit that removed the xsk buff pool from the VSI structure. This change broke the Tx side of AF XDP ...
PF_RING - High-Speed Packet Capture, Filtering And Analysis
PFRING™ is a new type of network socket that dramatically improves the packet capture speed, and that’s characterized by the following properties: 1. Available for Linux kernels 2.6.32 and newer. 2. No need to patch the kernel: just load the kernel module. 3. 10 Gbit Hardware Packet Filtering usi...
Netsniff-Ng - A Swiss Army Knife For Your Daily Linux Network Plumbing
netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space a...
Facebook Open Sources Fizz — TLS 1.3 Library For Speed and Security
Facebook has open sourced Fizz—a library designed to help developers implement TLS 1.3 protocol with all recommended security and performance related configurations. Since late last month, Google Chrome web browser has started marking all non-HTTPS websites as 'Not Secure' in an effort to make th...
kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied
Use-after-free vulnerability in the nfqnlzcopy function in net/netfilter/nfnetlinkqueuecore.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the...