CVE-2024-26581 – netfilter: nft_set_rbtree: skip end interval element from gc
https://notcve.org/view.php?id=CVE-2024-26581
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nft_set_rbtree: omitir elemento de intervalo final de gc rbtree lazy gc al insertar puede recopilar un elemento de intervalo final que se acaba de agregar en estas transacciones, omitir elementos de intervalo final que aún no están activo. A flaw was found in the Linux kernel’s Netfilter subsystem. This issue occurs in the nft_set_rbtree. rbtree lazy gc on insert, which might collect an end interval element just added in a transaction and skip the end interval elements not yet active. • https://github.com/madfxr/CVE-2024-26581-Checker https://git.kernel.org/stable/c/acaee227cf79c45a5d2d49c3e9a66333a462802c https://git.kernel.org/stable/c/893cb3c3513cf661a0ff45fe0cfa83fe27131f76 https://git.kernel.org/stable/c/50cbb9d195c197af671869c8cadce3bd483735a0 https://git.kernel.org/stable/c/89a4d1a89751a0fbd520e64091873e19cc0979e8 https://git.kernel.org/stable/c/f718863aca469a109895cb855e6b81fff4827d71 https://git.kernel.org/stable/c/cd66733932399475fe933cb3ec03e687ed401462 https://git.kernel.org/stable/c/10e9cb39313627f2eae4cd70c4b742074e998fd8 https: • CWE-416: Use After Free •
CVE-2023-52429
https://notcve.org/view.php?id=CVE-2023-52429
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. dm_table_create en drivers/md/dm-table.c en el kernel de Linux hasta 6.7.4 puede intentar (en alloc_targets) asignar más de INT_MAX bytes y fallar debido a que falta una verificación de la estructura dm_ioctl.target_count. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bd504bcfec41a503b32054da5472904b404341a4 https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3LZROQAX7Q7LEP4F7WQ3KUZKWCZGFFP2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GS7S3XLTLOUKBXV67LLFZWB3YVFJZHRK https://www.spinics.net/lis • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2024-25740
https://notcve.org/view.php?id=CVE-2024-25740
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released. Se encontró una falla de pérdida de memoria en el controlador UBI en drivers/mtd/ubi/attach.c en el kernel de Linux hasta 6.7.4 para UBI_IOCATT, porque kobj->name no está publicado. • https://lore.kernel.org/lkml/0171b6cc-95ee-3538-913b-65a391a446b3%40huawei.com/T • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2024-25739 – kernel: crash due to a missing check for leb_size
https://notcve.org/view.php?id=CVE-2024-25739
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. create_empty_lvol en drivers/mtd/ubi/vtbl.c en el kernel de Linux hasta 6.7.4 puede intentar asignar cero bytes y fallar debido a que falta una verificación de ubi->leb_size. A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB size is smaller than a single volume table record. This issue can result in a denial of service. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=68a24aba7c593eafa8fd00f2f76407b9b32b47a9 https://groups.google.com/g/syzkaller/c/Xl97YcQA4hg https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html https://www.spinics.net/lists/kernel/msg5074816.html https://access.redhat.com/security/cve/CVE-2024-25739 https://bugzilla.redhat.com/show_bug.cgi?id=2263879 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2024-1312 – Kernel: race condition leads to use after free during vma lock in lock_vma_under_rcu
https://notcve.org/view.php?id=CVE-2024-1312
A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system. Se encontró una falla de use-after-free en el subsistema de administración de memoria del kernel de Linux cuando un usuario gana dos carreras al mismo tiempo con una falla en la función mas_prev_slot. Este problema podría permitir que un usuario local bloquee el sistema. • https://access.redhat.com/security/cve/CVE-2024-1312 https://bugzilla.redhat.com/show_bug.cgi?id=2225569 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mm/memory.c?h=v6.8-rc3&id=657b5146955eba331e01b9a6ae89ce2e716ba306 • CWE-416: Use After Free •