Количество 52
Количество 52
GHSA-22mj-9hjg-cp82
In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Even before the skb is transmitted, the tap_get_user_xdp()-->skb_set_network_header() may assume the size is more than ETH_HLEN. Once transmitted, this could either cause out-of-bound access beyond the actual length, or confuse the underlayer with incorrect or inconsistent header length in the skb metadata. In the alternative path, tap_get_user() already prohibits short frame which has the length less than Ethernet header size from being transmitted. This is to drop any frame shorter than the Ethernet header size just like how tap_get_user() does. CVE: CVE-2024-41090
BDU:2025-04193
Уязвимость компонента tap.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
ELSA-2024-5928
ELSA-2024-5928: kernel security update (IMPORTANT)
SUSE-SU-2025:1257-1
Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
SUSE-SU-2025:1252-1
Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)
SUSE-SU-2025:1232-1
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
SUSE-SU-2025:1207-1
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
ELSA-2024-12585
ELSA-2024-12585: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12584
ELSA-2024-12584: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12581
ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2024-12782
ELSA-2024-12782: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12780
ELSA-2024-12780: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2025:1262-1
Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
SUSE-SU-2025:1260-1
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
SUSE-SU-2025:1254-1
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
SUSE-SU-2025:1231-1
Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)
SUSE-SU-2025:1213-1
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
SUSE-SU-2024:2802-1
Security update for the Linux Kernel
SUSE-SU-2024:2892-1
Security update for the Linux Kernel
ELSA-2024-7000
ELSA-2024-7000: kernel security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-22mj-9hjg-cp82 In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Even before the skb is transmitted, the tap_get_user_xdp()-->skb_set_network_header() may assume the size is more than ETH_HLEN. Once transmitted, this could either cause out-of-bound access beyond the actual length, or confuse the underlayer with incorrect or inconsistent header length in the skb metadata. In the alternative path, tap_get_user() already prohibits short frame which has the length less than Ethernet header size from being transmitted. This is to drop any frame shorter than the Ethernet header size just like how tap_get_user() does. CVE: CVE-2024-41090 | 0% Низкий | 11 месяцев назад | |
 | BDU:2025-04193 Уязвимость компонента tap.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.1 | 0% Низкий | 11 месяцев назад |
| ELSA-2024-5928 ELSA-2024-5928: kernel security update (IMPORTANT) | 10 месяцев назад | ||
 | SUSE-SU-2025:1257-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) | 2 месяца назад | ||
| SUSE-SU-2025:1252-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) | 2 месяца назад | ||
| SUSE-SU-2025:1232-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) | 2 месяца назад | ||
| SUSE-SU-2025:1207-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) | 2 месяца назад | ||
| ELSA-2024-12585 ELSA-2024-12585: Unbreakable Enterprise kernel-container security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2024-12584 ELSA-2024-12584: Unbreakable Enterprise kernel-container security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2024-12581 ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2024-12782 ELSA-2024-12782: Unbreakable Enterprise kernel-container security update (IMPORTANT) | 8 месяцев назад | ||
| ELSA-2024-12780 ELSA-2024-12780: Unbreakable Enterprise kernel security update (IMPORTANT) | 8 месяцев назад | ||
| SUSE-SU-2025:1262-1 Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) | 2 месяца назад | ||
| SUSE-SU-2025:1260-1 Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) | 2 месяца назад | ||
| SUSE-SU-2025:1254-1 Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) | 2 месяца назад | ||
| SUSE-SU-2025:1231-1 Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) | 2 месяца назад | ||
| SUSE-SU-2025:1213-1 Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) | 2 месяца назад | ||
| SUSE-SU-2024:2802-1 Security update for the Linux Kernel | 11 месяцев назад | ||
| SUSE-SU-2024:2892-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| ELSA-2024-7000 ELSA-2024-7000: kernel security update (IMPORTANT) | 9 месяцев назад |
Уязвимостей на страницу