Showing 1 - 8 of 8

CVE-2024-36017

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl.

Related Files

Ubuntu Security Notice USN-6950-4: Posted Aug 22, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6950-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2023-52585, CVE-2024-26900, CVE-2024-26936, CVE-2024-26980, CVE-2024-35848, CVE-2024-36017, CVE-2024-36031, CVE-2024-36880, CVE-2024-36897, CVE-2024-36902, CVE-2024-36906, CVE-2024-36916, CVE-2024-36919, CVE-2024-36929; SHA-256 | 2ffb7a8fcdb048d1878d536775b9a5dc1a6dfde0457ba9427be3df3622cc57cd; Download | Favorite | View

Ubuntu Security Notice USN-6950-3: Posted Aug 14, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6950-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2023-52585, CVE-2024-26900, CVE-2024-26936, CVE-2024-26980, CVE-2024-35848, CVE-2024-36017, CVE-2024-36031, CVE-2024-36880, CVE-2024-36897, CVE-2024-36906, CVE-2024-36916, CVE-2024-36919, CVE-2024-36929, CVE-2024-36933; SHA-256 | 91f8a2f2abe5b38323a12e231eedb404e066a524561a85415eb8107933df16bf; Download | Favorite | View

Ubuntu Security Notice USN-6950-2: Posted Aug 13, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6950-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2023-52585, CVE-2024-26900, CVE-2024-26936, CVE-2024-26980, CVE-2024-35848, CVE-2024-36017, CVE-2024-36031, CVE-2024-36880, CVE-2024-36897, CVE-2024-36906, CVE-2024-36916, CVE-2024-36919, CVE-2024-36929, CVE-2024-36933; SHA-256 | 104ac502cb413414c029ce1afea7a7125c6a91b2c0b2f41ab80523d51200d7f0; Download | Favorite | View

Ubuntu Security Notice USN-6957-1: Posted Aug 13, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6957-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-52585, CVE-2023-52752, CVE-2024-25742, CVE-2024-26886, CVE-2024-26900, CVE-2024-26936, CVE-2024-26952, CVE-2024-26980, CVE-2024-27398, CVE-2024-27401, CVE-2024-35848, CVE-2024-36017, CVE-2024-36031, CVE-2024-36880; SHA-256 | 1b6c671ad22c716b20a65f830f590ef38c4830f15665bdd63a827e4614b24266; Download | Favorite | View

Ubuntu Security Notice USN-6956-1: Posted Aug 13, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6956-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-52585, CVE-2023-52882, CVE-2024-25742, CVE-2024-26886, CVE-2024-26900, CVE-2024-26980, CVE-2024-27017, CVE-2024-27398, CVE-2024-27401, CVE-2024-35848, CVE-2024-35947, CVE-2024-36016, CVE-2024-36017, CVE-2024-36883; SHA-256 | f464d432d9b36ce1075f907239578c853edeab79402ddca247833a78cc930be9; Download | Favorite | View

Ubuntu Security Notice USN-6953-1: Posted Aug 9, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6953-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2021-47131, CVE-2022-48655, CVE-2022-48674, CVE-2023-52434, CVE-2023-52882, CVE-2024-26583, CVE-2024-26907, CVE-2024-27398, CVE-2024-27401, CVE-2024-33621, CVE-2024-35976, CVE-2024-36016, CVE-2024-36017, CVE-2024-36270; SHA-256 | b1ed67fee33b4917c2d819ae313e1d458b7c4e2db993a5cf83d2ec6c6b54d6dd; Download | Favorite | View

Ubuntu Security Notice USN-6950-1: Posted Aug 9, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6950-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2023-52585, CVE-2024-26900, CVE-2024-26936, CVE-2024-26980, CVE-2024-35848, CVE-2024-36017, CVE-2024-36031, CVE-2024-36880, CVE-2024-36897, CVE-2024-36906, CVE-2024-36916, CVE-2024-36919, CVE-2024-36929, CVE-2024-36933; SHA-256 | 520384544fee23ad6e708dc62b10e258d9da95523db931b26ecc05e116e68e8c; Download | Favorite | View

Debian Security Advisory 5703-1: Posted Jun 3, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5703-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, debian; advisories | CVE-2022-48655, CVE-2023-52585, CVE-2023-52882, CVE-2024-26900, CVE-2024-27398, CVE-2024-27399, CVE-2024-27401, CVE-2024-35848, CVE-2024-35947, CVE-2024-36017, CVE-2024-36031, CVE-2024-36883, CVE-2024-36886, CVE-2024-36889; SHA-256 | 1476333bf5c1e2baed03920f541d970630980c5dab7ff43468471a8a13244d8e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 272 files
indoushka 184 files
Jay Turla 150 files
Ubuntu 90 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 25 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,126)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,592)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,362)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,911)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,882)
UNIX (9,459)
UnixWare (188)
Windows (6,772)
Other

CVE-2024-36017

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems