Количество 18
Количество 18
BDU:2024-03771
Уязвимость функции nf_tables_unbind_set() в модуле net/netfilter/nf_tables_api.c компонента netfilter ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2024-26643
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too.
CVE-2024-26643
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too.
CVE-2024-26643
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too.
CVE-2024-26643
In the Linux kernel, the following vulnerability has been resolved: n ...
GHSA-ph5r-c8gc-xg6f
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too.
ROS-20240821-02
Множественные уязвимости kernel-lt
ELSA-2024-3306
ELSA-2024-3306: kernel security and bug fix update (MODERATE)
RLSA-2024:3618
Moderate: kernel update
ELSA-2024-3618
ELSA-2024-3618: kernel update (MODERATE)
SUSE-SU-2024:2183-1
Security update for the Linux Kernel
SUSE-SU-2024:2185-1
Security update for the Linux Kernel
SUSE-SU-2024:2203-1
Security update for the Linux Kernel
SUSE-SU-2024:2135-1
Security update for the Linux Kernel
SUSE-SU-2024:2019-1
Security update for the Linux Kernel
SUSE-SU-2024:2190-1
Security update for the Linux Kernel
SUSE-SU-2024:2008-1
Security update for the Linux Kernel
SUSE-SU-2024:2973-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-03771 Уязвимость функции nf_tables_unbind_set() в модуле net/netfilter/nf_tables_api.c компонента netfilter ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 4.7 | 0% Низкий | больше 1 года назад |
 | CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too. | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too. | CVSS3: 4.7 | 0% Низкий | около 1 года назад |
 | CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too. | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
| CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: n ... | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
| GHSA-ph5r-c8gc-xg6f In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too. | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | ROS-20240821-02 Множественные уязвимости kernel-lt | CVSS3: 9.8 | 10 месяцев назад | |
| ELSA-2024-3306 ELSA-2024-3306: kernel security and bug fix update (MODERATE) | около 1 года назад | ||
 | RLSA-2024:3618 Moderate: kernel update | около 1 года назад | ||
| ELSA-2024-3618 ELSA-2024-3618: kernel update (MODERATE) | около 1 года назад | ||
 | SUSE-SU-2024:2183-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2185-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2203-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2135-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2019-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2024:2190-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2008-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2024:2973-1 Security update for the Linux Kernel | 10 месяцев назад |
Уязвимостей на страницу