exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2024-36971

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst). Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order. Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves. Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks. Many thanks to Clement Lecigne for tracking this issue. This old bug became visible after the blamed commit, using UDP sockets.

Related Files

Ubuntu Security Notice USN-6999-2
Posted Sep 24, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6999-2 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2024-23848, CVE-2024-32936, CVE-2024-33621, CVE-2024-34027, CVE-2024-34777, CVE-2024-36015, CVE-2024-36244, CVE-2024-36270, CVE-2024-36286, CVE-2024-36479, CVE-2024-36484, CVE-2024-36489, CVE-2024-36971
SHA-256 | 6de1a939eafe16bbd634cfe3102ff4999f4af2a0695f025ac13e7dadc3e0867a
Ubuntu Security Notice USN-7007-2
Posted Sep 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7007-2 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2024-23848, CVE-2024-25741, CVE-2024-31076, CVE-2024-33621, CVE-2024-34027, CVE-2024-35247, CVE-2024-35927, CVE-2024-36014, CVE-2024-36015, CVE-2024-36286, CVE-2024-36971, CVE-2024-36972, CVE-2024-37078
SHA-256 | 41bc59a99a084c9c65f05b5595c0193c9b8ba9e8e768f5e9e410d18762dd8014
Ubuntu Security Notice USN-7009-1
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7009-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2024-23848, CVE-2024-25741, CVE-2024-31076, CVE-2024-33847, CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-36015, CVE-2024-36032, CVE-2024-36270, CVE-2024-36489, CVE-2024-36894, CVE-2024-36971
SHA-256 | 5b612a46c804c77ac14a7809a47fec0de9fff4a8a6439f91a0d5ad4c32a28058
Ubuntu Security Notice USN-7008-1
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7008-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2024-23848, CVE-2024-31076, CVE-2024-32936, CVE-2024-33619, CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-36015, CVE-2024-36270, CVE-2024-36286, CVE-2024-36288, CVE-2024-36479, CVE-2024-36971
SHA-256 | 4d06037efff1b22fc4a25ee26edfc4fbdfa3522a94c990b7f8761e4399d65123
Red Hat Security Advisory 2024-5582-03
Posted Aug 20, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5582-03 - An update for kpatch-patch-4_18_0-372_87_1 and kpatch-patch-4_18_0-372_91_1 is now available for Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-36971
SHA-256 | a619bfbc272019d031f3b79a78b7d9ab82e4ffcd07dac1a49b44c5dad9b7cf8c
Red Hat Security Advisory 2024-5523-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5523-03 - An update for kpatch-patch-5_14_0-427_13_1 is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-36971
SHA-256 | 83d3935043f75263eef60c1bf9adbc2f11803986a2e5e33367f84b0897dc582f
Red Hat Security Advisory 2024-5521-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5521-03 - An update for kpatch-patch-5_14_0-284_48_1 and kpatch-patch-5_14_0-284_52_1 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-36971
SHA-256 | cb0f8d53b8c03d14b76cebdd35b0ed647ac00ee2346cb36586ef5ab17a298153
Red Hat Security Advisory 2024-5519-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5519-03 - An update for kpatch-patch-4_18_0-305_120_1 is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-36971
SHA-256 | 25e75d6023ec4b16024fc5bc67752d36802ec14c938fc6b3c9bb34c97b0e9791
Red Hat Security Advisory 2024-5388-03
Posted Aug 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5388-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2024-36971
SHA-256 | 2630478a2540e87152e76c18c54fdfd643e96f63b94f6cd2474bebe295f79237
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close