4 matches found
CVE-2024-41006
CVE-2024-41006 : Linux kernel vulnerability where a memory leak in nr_heartbeat_expiry() could occur due to the sock_hold() logic. The fix removes sock_hold() for non-listening sockets and retains it only for listening sockets, addressing a syzkaller-reported leak in nr_create(). The linked advis...
CVE-2023-53304
CVE-2023-53304 concerns the Linux kernel netfilter nft_set_rbtree code. The advisory describes three concrete issues resolved by patching: 1) a lazy garbage-collection on insert that may fail to release the other half of an interval, impacting interval timing expiration walks; 2) incorrect use of...
CVE-2026-45873
CVE-2026-45873 concerns Linux kernel netfilter nft_set_rbtree. The issue arises from partial overlap detection for anonymous sets where adjacent intervals omit end elements, allowing overlaps such as A-B and A-C with C
CVE-2023-53566
The CVE-2023-53566 issue affects the Linux kernel’s netfilter nft_set_rbtree: a null pointer dereference can occur on element insertion (nft_rbtree_gc_elem) and a potential use-after-free during iteration. Connected advisories confirm a fixed in kernel updates (e.g., SUSE SUSE-SU-2025:4320-1 / SU...