5 matches found
CVE-2024-26889
CVE-2024-26889 refers to a Linux kernel security fix for a Bluetooth (hci_core) buffer overflow. The root cause was a fixed-size name field in struct hci_dev_info (name[8]); a larger hdev->name could cause strcpy to overrun its destination. The fix switches to strscpy to safely copy the device...
CVE-2024-53123
CVE-2024-53123 affects the Linux kernel and is tied to MPTCP: the issue stems from racing disconnect handling. After a blamed commit, sk_wait_data() can return with an error while the underlying socket is already disconnected and the receive window (rcv_mss) is zero. The result is a potential use...
CVE-2024-50136
CVE-2024-50136 affects the Linux kernel’s mlx5 driver (net/mlx5) where the notifier for eswitch init could remain registered after an init failure, causing a later eswitch enable to emit warnings like “notifier callback eswitch_vport_event [mlx5_core] already registered.” The root cause described...
CVE-2024-26634
CVE-2024-26634 — Normal mode Affected: Linux kernel net subsystem involving network namespace handling. Summary: A BUG triggered when removing a net namespace with conflicting interface altnames could cause the main interface name to be overwritten during the namespace teardown. This occurred whe...
CVE-2024-27416
CVE-2024-27416 is a Linux kernel vulnerability: Bluetooth hci_event handling of HCI on_IO_CAPA_REQUEST when Read Remote Extended Features is pending could lead to an incorrect assumption that the remote supports SSP. The issue is addressed in kernel code by fixing the HCI_EV_IO_CAPA_REQUEST handl...