Page 187 of 977 results (0.014 seconds)

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (edited for clarity): # ip nexthop add id 1 dev lo # ip nexthop add id 101 group 1 # strace -e recvmsg ip nexthop get id 101 ... recvmsg(... [{nla_len=12, nla_type=NHA_GROUP}, [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52 The fields are reserved and therefore not currently used. But as they are, they leak kernel memory, and the fact they are not just zero complicates repurposing of the fields for new ends. Initialize the full structure. • https://git.kernel.org/stable/c/430a049190de3c9e219f43084de9f1122da04570 https://git.kernel.org/stable/c/fd06cb4a5fc7bda3dea31712618a62af72a1c6cb https://git.kernel.org/stable/c/5cc4d71dda2dd4f1520f40e634a527022e48ccd8 https://git.kernel.org/stable/c/9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0 https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96 https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528ae •

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: mediatek: Fix potential NULL pointer dereference in dummy net_device handling Move the freeing of the dummy net_device from mtk_free_dev() to mtk_remove(). Previously, if alloc_netdev_dummy() failed in mtk_probe(), eth->dummy_dev would be NULL. The error path would then call mtk_free_dev(), which in turn called free_netdev() assuming dummy_dev was allocated (but it was not), potentially causing a NULL pointer dereference. By moving free_netdev() to mtk_remove(), we ensure it's only called when mtk_probe() has succeeded and dummy_dev is fully allocated. This addresses a potential NULL pointer dereference detected by Smatch[1]. • https://git.kernel.org/stable/c/b209bd6d0bffb8991aba568e2d9a892c86a1a43c https://git.kernel.org/stable/c/af6bd5c9901b13a26eaf4d57d97a813297791596 https://git.kernel.org/stable/c/16f3a28cf5f876a7f3550d8f4c870a7b41bcfaef •

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2]. • https://git.kernel.org/stable/c/2be7e212d5419a400d051c84ca9fdd083e5aacac https://git.kernel.org/stable/c/a689f5eb13a90f892a088865478b3cd39f53d5dc https://git.kernel.org/stable/c/dda518dea60d556a2d171c0122ca7d9fdb7d473a https://git.kernel.org/stable/c/f6bb8c90cab97a3e03f8d30e3069efe6a742e0be https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2 https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cf https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733 https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33 •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after calling dev_kfree_skb(*sp). • https://git.kernel.org/stable/c/af69fb3a8ffa37e986db00ed93099dc44babeef4 https://git.kernel.org/stable/c/70db2c84631f50e02e6b32b543700699dd395803 https://git.kernel.org/stable/c/d3e4d4a98c5629ccdcb762a0ff6c82ba9738a0c3 https://git.kernel.org/stable/c/9460ac3dd1ae033bc2b021a458fb535a0c36ddb2 https://git.kernel.org/stable/c/8f4030277dfb9dbe04fd78566b19931097c9d629 https://git.kernel.org/stable/c/4d8b642985ae24f4b3656438eb8489834a17bb80 https://git.kernel.org/stable/c/ddc79556641ee070d36be0de4a1f0a16a71f1fc7 https://git.kernel.org/stable/c/7e4a539bca7d8d20f2c5d93c18cce8ef7 •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rx_len == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the previous transfer out of the RX FIFO into the start RX buffer. The core provides a register that will empty the RX and TX FIFOs, so do that before each transfer. • https://git.kernel.org/stable/c/9ac8d17694b66d54b13e9718b25c14ca36dbebbd https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80 https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75 https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927 •