Количество 67
Количество 67
BDU:2024-09781
Уязвимость функции ip6_fragment() реализации протокола IPv6 ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
CVE-2022-48956
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_fragment+...
CVE-2022-48956
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_fragment+0x2724...
CVE-2022-48956
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_frag
CVE-2022-48956
In the Linux kernel, the following vulnerability has been resolved: i ...
ROS-20250211-01
Множественные уязвимости kernel-lt
GHSA-h52p-rfc4-3rcf
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_f...
SUSE-SU-2025:0185-1
Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)
SUSE-SU-2025:0180-1
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
SUSE-SU-2025:0177-1
Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)
SUSE-SU-2025:0136-1
Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3)
SUSE-SU-2025:0123-1
Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4)
SUSE-SU-2025:0112-1
Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)
SUSE-SU-2025:0108-1
Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)
SUSE-SU-2025:0098-1
Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)
SUSE-SU-2025:0246-1
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
SUSE-SU-2025:0172-1
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)
SUSE-SU-2025:0132-1
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
SUSE-SU-2025:0100-1
Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)
SUSE-SU-2025:0094-1
Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-09781 Уязвимость функции ip6_fragment() реализации протокола IPv6 ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 7.8 | 0% Низкий | больше 2 лет назад |
 | CVE-2022-48956 In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_fragment+... | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
 | CVE-2022-48956 In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_fragment+0x2724... | CVSS3: 6.6 | 0% Низкий | 8 месяцев назад |
 | CVE-2022-48956 In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_frag | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
| CVE-2022-48956 In the Linux kernel, the following vulnerability has been resolved: i ... | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
 | ROS-20250211-01 Множественные уязвимости kernel-lt | CVSS3: 7.8 | 4 месяца назад | |
| GHSA-h52p-rfc4-3rcf In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [inline] ip6_f... | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
 | SUSE-SU-2025:0185-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) | 5 месяцев назад | ||
| SUSE-SU-2025:0180-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) | 5 месяцев назад | ||
| SUSE-SU-2025:0177-1 Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5) | 5 месяцев назад | ||
| SUSE-SU-2025:0136-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3) | 5 месяцев назад | ||
| SUSE-SU-2025:0123-1 Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4) | 5 месяцев назад | ||
| SUSE-SU-2025:0112-1 Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) | 5 месяцев назад | ||
| SUSE-SU-2025:0108-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) | 5 месяцев назад | ||
| SUSE-SU-2025:0098-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) | 5 месяцев назад | ||
| SUSE-SU-2025:0246-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) | 5 месяцев назад | ||
| SUSE-SU-2025:0172-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4) | 5 месяцев назад | ||
| SUSE-SU-2025:0132-1 Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3) | 5 месяцев назад | ||
| SUSE-SU-2025:0100-1 Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5) | 5 месяцев назад | ||
| SUSE-SU-2025:0094-1 Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5) | 5 месяцев назад |
Уязвимостей на страницу