2 matches found
CVE-2024-26752
CVE-2024-26752 affects the Linux kernel L2TP/IP6 path: a miscalculated ulen in l2tp_ip6_sendmsg (ulen = len + skb_queue_empty(...) ? transhdrlen : 0) due to operator precedence caused incorrect transport-header accounting, leading to corrupted packets on the wire. The fix adds parentheses to alig...
CVE-2023-52879
CVE-2023-52879 describes a Linux kernel vulnerability in tracing, specifically adding ref counters to trace_event_file to prevent use-after-free when a kprobe event is deleted while its tracefs file is still open. The issue can cause a kernel NULL pointer dereference and crash (local privilege no...