exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2024-26924

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... add_elem("0000000X") timeout 100 ms del_elem("0000000X") <---------------- delete one that was just added ... add_elem("00005000") timeout 100 ms 1) nft_pipapo_remove() removes element 0000000X Then, KASAN shows a splat. Looking at the remove function there is a chance that we will drop a rule that maps to a non-deactivated element. Removal happens in two steps, first we do a lookup for key k and return the to-be-removed element and mark it as inactive in the next generation. Then, in a second step, the element gets removed from the set/map. The _remove function does not work correctly if we have more than one element that share the same key. This can happen if we insert an element into a set when the set already holds an element with same key, but the element mapping to the existing key has timed out or is not active in the next generation. In such case its possible that removal will unmap the wrong element. If this happens, we will leak the non-deactivated element, it becomes unreachable. The element that got deactivated (and will be freed later) will remain reachable in the set data structure, this can result in a crash when such an element is retrieved during lookup (stale pointer). Add a check that the fully matching key does in fact map to the element that we have marked as inactive in the deactivation step. If not, we need to continue searching. Add a bug/warn trap at the end of the function as well, the remove function must not ever be called with an invisible/unreachable/non-existent element. v2: avoid uneeded temporary variable (Stefano)

Related Files

Kernel Live Patch Security Notice LSN-0105-1
Posted Jul 17, 2024
Authored by Benjamin M. Romer

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2023-6270, CVE-2023-7192, CVE-2024-26642, CVE-2024-26828, CVE-2024-26924
SHA-256 | e841c7c43cd27027fc1462482840cc26556602ee6c248d45547e0f6361010c71
Ubuntu Security Notice USN-6864-3
Posted Jul 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6864-3 - It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. A security issue was discovered in the Linux kernel. An attacker could possibly use it to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-21823, CVE-2024-26924
SHA-256 | 3afccd52c60657160f5c19fffd7c6f30cfc9f572eb40fadf161cb1114d83f29a
Ubuntu Security Notice USN-6864-2
Posted Jul 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6864-2 - It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. A security issue was discovered in the Linux kernel. An attacker could possibly use it to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-21823, CVE-2024-26924
SHA-256 | c452c4abb986c9068df4afd1dcd3ecb2e2d84dd5c3f291916c0f22ac93074fcd
Ubuntu Security Notice USN-6864-1
Posted Jul 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6864-1 - It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. A security issue was discovered in the Linux kernel. An attacker could possibly use it to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-21823, CVE-2024-26924
SHA-256 | fd233eacf556c20adcc025c09e54fae61ff454c0e7a0b744ecc195fb76243b27
Ubuntu Security Notice USN-6863-1
Posted Jul 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6863-1 - A security issue was discovered in the Linux kernel. An attacker could possibly use it to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-26924
SHA-256 | 471a4c0582ab8659a8d122e8cfea5ac460d6ae97075a0578416f67bac4792400
Debian Security Advisory 5680-1
Posted May 7, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5680-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2024-26605, CVE-2024-26817, CVE-2024-26922, CVE-2024-26923, CVE-2024-26924, CVE-2024-26925, CVE-2024-26926, CVE-2024-26936, CVE-2024-26939, CVE-2024-26980, CVE-2024-26981, CVE-2024-26983, CVE-2024-26984, CVE-2024-26987
SHA-256 | 7fd70cae13607fa2096b0081a446ea326e11bc606c6b954441875225d5c5e703
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close