3 matches found
CVE-2024-26925
CVE-2024-26925 affects the Linux kernel nf_tables component. The issue arises when the commit mutex is released during the abort path between nft_gc_seq_begin() and nft_gc_seq_end(), allowing an asynchronous GC worker to collect expired objects and obtain the released commit lock within the same ...
CVE-2023-6111
CVE-2023-6111 is a use-after-free in the Linux kernel netfilter nf_tables GC path: the function nft_trans_gc_catchall can fail to remove a catchall set element from catchall_list when sync is true, allowing a catchall element to be freed multiple times. This enables local privilege escalation. Th...
CVE-2023-52501
The connected MiracleLinux advisory confirms CVE-2023-52501 affects the Linux kernel ring-buffer code. The issue occurs when iterating a live ring buffer: if the last event sits at the end of a page with only 4 bytes left, the event length check can misread the length (first 4 bytes, or the lengt...