Showing 1 - 2 of 2

CVE-2024-35857

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe() First problem is a double call to __in_dev_get_rcu(), because the second one could return NULL. if (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list) Second problem is a read from dev->ip6_ptr with no NULL check: if (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list)) Use the correct RCU API to fix these. v2: add missing include <net/addrconf.h>

Related Files

Ubuntu Security Notice USN-6952-2: Posted Aug 14, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6952-2 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-52882, CVE-2024-25742, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35849, CVE-2024-35852, CVE-2024-35853, CVE-2024-35855, CVE-2024-35857, CVE-2024-35858; SHA-256 | 2ec5b9718d9b9c02dfbc17231e580ae35883ce5fe7b5f347d0827492d4006ee2; Download | Favorite | View

Ubuntu Security Notice USN-6952-1: Posted Aug 9, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6952-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-52882, CVE-2024-25742, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35849, CVE-2024-35852, CVE-2024-35853, CVE-2024-35855, CVE-2024-35857, CVE-2024-35858; SHA-256 | 4096317c1a9bde967a3c305817802b1b430dad31a7749285f4b9eebbdce233f9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 137 files
Ubuntu 72 files
Gentoo 33 files
Debian 28 files
Sebastian Hamann 8 files
Jann Horn 7 files
Jaggar Henry 6 files
Google Security Research 6 files
Moritz Abrell 6 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,112)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,945)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,659)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,783)
UNIX (9,443)
UnixWare (187)
Windows (6,679)
Other

CVE-2024-35857

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems