CVE-2024-0641 – Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke
https://notcve.org/view.php?id=CVE-2024-0641
A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. Se encontró una vulnerabilidad de denegación de servicio en tipc_crypto_key_revoke en net/tipc/crypto.c en el subsistema TIPC del kernel de Linux. Este fallo permite a los invitados con privilegios de usuario local desencadenar un punto muerto y potencialmente bloquear el sistema. • https://access.redhat.com/security/cve/CVE-2024-0641 https://bugzilla.redhat.com/show_bug.cgi?id=2258757 https://github.com/torvalds/linux/commit/08e50cf071847323414df0835109b6f3560d44f5 • CWE-667: Improper Locking CWE-833: Deadlock •
CVE-2024-0639 – Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos
https://notcve.org/view.php?id=CVE-2024-0639
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. Se encontró una vulnerabilidad de denegación de servicio debido a un punto muerto en sctp_auto_asconf_init en net/sctp/socket.c en el subsistema SCTP del kernel de Linux. Esta falla permite a los invitados con privilegios de usuario local desencadenar un punto muerto y potencialmente bloquear el sistema. • https://access.redhat.com/security/cve/CVE-2024-0639 https://bugzilla.redhat.com/show_bug.cgi?id=2258754 https://github.com/torvalds/linux/commit/6feb37b3b06e9049e20dcf7e23998f92c9c5be9a • CWE-667: Improper Locking CWE-833: Deadlock •
CVE-2024-0562 – Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c
https://notcve.org/view.php?id=CVE-2024-0562
A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback. Se encontró un fallo de use after free en el kernel de Linux. Cuando se elimina un disco, se llama a bdi_unregister para detener la reescritura adicional y espera a que se complete el trabajo retrasado asociado. • https://access.redhat.com/errata/RHSA-2024:0412 https://access.redhat.com/security/cve/CVE-2024-0562 https://bugzilla.redhat.com/show_bug.cgi?id=2258475 https://patchwork.kernel.org/project/linux-mm/patch/20220801155034.3772543-1-khazhy@google.com • CWE-416: Use After Free •
CVE-2023-6915 – Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c
https://notcve.org/view.php?id=CVE-2023-6915
A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return. Se encontró un problema de desreferencia de puntero null en ida_free en lib/idr.c en el kernel de Linux. Este problema puede permitir que un atacante que utilice esta librería cause un problema de denegación de servicio debido a una verificación faltante en el retorno de una función. • https://access.redhat.com/errata/RHSA-2024:2394 https://access.redhat.com/errata/RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:3138 https://access.redhat.com/security/cve/CVE-2023-6915 https://bugzilla.redhat.com/show_bug.cgi?id=2254982 https://github.com/torvalds/linux/commit/af73483f4e8b6f5c68c9aa63257bdd929a9c194a https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html • CWE-476: NULL Pointer Dereference •
CVE-2023-6040 – An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family)
https://notcve.org/view.php?id=CVE-2023-6040
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access. Se informó y solucionó una vulnerabilidad de acceso fuera de los límites que involucraba a netfilter como: f1082dd31fe4 (netfilter: nf_tables: Rechazar tablas de familia no admitida); Al crear una nueva tabla netfilter, la falta de protección contra valores no válidos de la familia nf_tables (pf) dentro de la función `nf_tables_newtable` permite a un atacante lograr un acceso fuera de los límites. An out-of-bounds access vulnerability was found in the Linux Kernel. This issue occurs during the creation of a new netfilter table. The absence of safeguards in the nf_tables_newtable function against invalid nf_tables family (pf) values allows attackers to achieve unauthorized access. • http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html http://www.openwall.com/lists/oss-security/2024/01/12/1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040 https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html https://www.openwall.com/lists/oss-security/2024/01/12/1 https://access.redhat.com/security/cve/CVE-2023-6040 https://bugzilla& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •