Showing 1 - 7 of 7

CVE-2024-26583

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires.

Related Files

Ubuntu Security Notice USN-6979-1: Posted Aug 22, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6979-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2021-47131, CVE-2022-48655, CVE-2022-48772, CVE-2023-52434, CVE-2023-52585, CVE-2023-52882, CVE-2024-26583, CVE-2024-26584, CVE-2024-26907, CVE-2024-27398, CVE-2024-27399, CVE-2024-27401, CVE-2024-31076, CVE-2024-33621; SHA-256 | 45181d380e756f99b4eeeafa375e2c8cc12259e016b7c9172bb138604b02156d; Download | Favorite | View

Ubuntu Security Notice USN-6953-1: Posted Aug 9, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6953-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2021-47131, CVE-2022-48655, CVE-2022-48674, CVE-2023-52434, CVE-2023-52882, CVE-2024-26583, CVE-2024-26907, CVE-2024-27398, CVE-2024-27401, CVE-2024-33621, CVE-2024-35976, CVE-2024-36016, CVE-2024-36017, CVE-2024-36270; SHA-256 | b1ed67fee33b4917c2d819ae313e1d458b7c4e2db993a5cf83d2ec6c6b54d6dd; Download | Favorite | View

Ubuntu Security Notice USN-6871-1: Posted Jul 4, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6871-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.; tags | advisory, denial of service, arbitrary, kernel; systems | linux, ubuntu; advisories | CVE-2023-52434, CVE-2023-52620, CVE-2023-52640, CVE-2023-52650, CVE-2023-52652, CVE-2023-52656, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-21823, CVE-2024-22099, CVE-2024-26583, CVE-2024-26584; SHA-256 | e75c6514be3def7ee16cbaf589851843d91fcd8e70e2336b1bfdafd70dc0a30e; Download | Favorite | View

Ubuntu Security Notice USN-6821-4: Posted Jun 17, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6821-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.; tags | advisory, denial of service, arbitrary, kernel; systems | linux, ubuntu; advisories | CVE-2023-52434, CVE-2023-52447, CVE-2023-52640, CVE-2023-52641, CVE-2023-52644, CVE-2023-52645, CVE-2023-52650, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-22099, CVE-2024-26583, CVE-2024-26584, CVE-2024-26603; SHA-256 | 005197f93f9635a71a9d722ed30f7f10170a59d2fc5bf3241cc4fd1eef53f94e; Download | Favorite | View

Ubuntu Security Notice USN-6821-3: Posted Jun 12, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6821-3 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.; tags | advisory, denial of service, arbitrary, kernel; systems | linux, ubuntu; advisories | CVE-2023-52434, CVE-2023-52447, CVE-2023-52620, CVE-2023-52640, CVE-2023-52641, CVE-2023-52645, CVE-2023-52650, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-22099, CVE-2024-26583, CVE-2024-26603; SHA-256 | aae6b5f7c1a02571eceaa675caf0e3f9084a4a26a6ccfb4410f9c4ea33879bdd; Download | Favorite | View

Ubuntu Security Notice USN-6821-2: Posted Jun 11, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6821-2 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.; tags | advisory, denial of service, arbitrary, kernel; systems | linux, ubuntu; advisories | CVE-2023-52434, CVE-2023-52447, CVE-2023-52620, CVE-2023-52640, CVE-2023-52641, CVE-2023-52645, CVE-2023-52650, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-22099, CVE-2024-26583, CVE-2024-26603; SHA-256 | c0d502aabcbbf1e5adcf7965d701523eed1192f64932ac780a636cf8bf6e2746; Download | Favorite | View

Ubuntu Security Notice USN-6821-1: Posted Jun 10, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6821-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.; tags | advisory, denial of service, arbitrary, kernel; systems | linux, ubuntu; advisories | CVE-2023-52434, CVE-2023-52447, CVE-2023-52620, CVE-2023-52640, CVE-2023-52641, CVE-2023-52645, CVE-2023-52650, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-22099, CVE-2024-26583, CVE-2024-26603; SHA-256 | 6bfa3dcb7b71737d5c685bfda62b611297eb2a3e245d5048438c44e66d077a4e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 64 files
Debian 22 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,175)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,140)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,480)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,022)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2024-26583

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems