2 matches found
CVE-2025-21962
CVE-2025-21962 affects the Linux kernel CIFS mount option closetimeo, where user-provided closetimeo (u32) is converted to jiffies before validation, allowing an integer overflow. Connected sources (Astra Linux, ALAS AWS advisories, Debian/Red Hat references) confirm this as a kernel-level issue ...
CVE-2024-36903
CVE-2024-36903 is a Linux kernel vulnerability related to potential uninitialized value access in IPv6 processing. The cited fix targets __ip6_make_skb() in the IPv6 path by mirroring the IPv4 correction: it now validates FLOWI_FLAG_KNOWN_NH on fl6->flowi6_flags instead of testing HDRINCL on t...