exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 17

BDU:2025-04702

больше 1 года назад

Уязвимость функции ppp_channel_bridge_input() компонента ppp ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 4.7

EPSS: Низкий

CVE-2024-49946

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the socket was owned by a user process. In this case, release_sock(), __release_sock(), and sk_backlog_rcv() might call the sk->sk_backlog_rcv() handler in process context. sybot caught ppp was not considering this case in ppp_channel_bridge_input() : WARNING: inconsistent lock state 6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. ksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ffff0000db7f11e0 (&...

CVSS3: 5.5

EPSS: Низкий

CVE-2024-49946

больше 1 года назад

CVSS3: 5.5

EPSS: Низкий

CVE-2024-49946

больше 1 года назад

CVSS3: 5.5

EPSS: Низкий

CVE-2024-49946

4 месяца назад

ppp: do not assume bh is held in ppp_channel_bridge_input()

CVSS3: 5.5

EPSS: Низкий

CVE-2024-49946

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: p ...

CVSS3: 5.5

EPSS: Низкий

GHSA-jq7w-hcx7-gm2r

больше 1 года назад

CVSS3: 5.5

EPSS: Низкий

ROS-20250414-01

около 1 года назад

Множественные уязвимости kernel-lt

CVSS3: 7.8

EPSS: Низкий

SUSE-SU-2024:3983-1

больше 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3985-1

больше 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

ELSA-2024-12887

больше 1 года назад

ELSA-2024-12887: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS: Низкий

SUSE-SU-2024:3986-1

больше 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3984-1

больше 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

ELSA-2025-6966

около 1 года назад

ELSA-2025-6966: kernel security update (MODERATE)

EPSS: Низкий

SUSE-SU-2024:4364-1

больше 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4387-1

больше 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4318-1

больше 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2025-04702 Уязвимость функции ppp_channel_bridge_input() компонента ppp ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 4.7	0% Низкий	больше 1 года назад
CVE-2024-49946 In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the socket was owned by a user process. In this case, release_sock(), __release_sock(), and sk_backlog_rcv() might call the sk->sk_backlog_rcv() handler in process context. sybot caught ppp was not considering this case in ppp_channel_bridge_input() : WARNING: inconsistent lock state 6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. ksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ffff0000db7f11e0 (&...	CVSS3: 5.5	0% Низкий	больше 1 года назад
CVE-2024-49946 In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the socket was owned by a user process. In this case, release_sock(), __release_sock(), and sk_backlog_rcv() might call the sk->sk_backlog_rcv() handler in process context. sybot caught ppp was not considering this case in ppp_channel_bridge_input() : WARNING: inconsistent lock state 6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. ksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ffff0000db7f11e0 (&...	CVSS3: 5.5	0% Низкий	больше 1 года назад
CVE-2024-49946 In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the socket was owned by a user process. In this case, release_sock(), __release_sock(), and sk_backlog_rcv() might call the sk->sk_backlog_rcv() handler in process context. sybot caught ppp was not considering this case in ppp_channel_bridge_input() : WARNING: inconsistent lock state 6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. ksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ffff0000db7f11	CVSS3: 5.5	0% Низкий	больше 1 года назад
CVE-2024-49946 ppp: do not assume bh is held in ppp_channel_bridge_input()	CVSS3: 5.5	0% Низкий	4 месяца назад
CVE-2024-49946 In the Linux kernel, the following vulnerability has been resolved: p ...	CVSS3: 5.5	0% Низкий	больше 1 года назад
GHSA-jq7w-hcx7-gm2r In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the socket was owned by a user process. In this case, release_sock(), __release_sock(), and sk_backlog_rcv() might call the sk->sk_backlog_rcv() handler in process context. sybot caught ppp was not considering this case in ppp_channel_bridge_input() : WARNING: inconsistent lock state 6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. ksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ffff0000db7...	CVSS3: 5.5	0% Низкий	больше 1 года назад
ROS-20250414-01 Множественные уязвимости kernel-lt	CVSS3: 7.8		около 1 года назад
SUSE-SU-2024:3983-1 Security update for the Linux Kernel			больше 1 года назад
SUSE-SU-2024:3985-1 Security update for the Linux Kernel			больше 1 года назад
ELSA-2024-12887 ELSA-2024-12887: Unbreakable Enterprise kernel security update (IMPORTANT)			больше 1 года назад
SUSE-SU-2024:3986-1 Security update for the Linux Kernel			больше 1 года назад
SUSE-SU-2024:3984-1 Security update for the Linux Kernel			больше 1 года назад
ELSA-2025-6966 ELSA-2025-6966: kernel security update (MODERATE)			около 1 года назад
SUSE-SU-2024:4364-1 Security update for the Linux Kernel			больше 1 года назад
SUSE-SU-2024:4387-1 Security update for the Linux Kernel			больше 1 года назад
SUSE-SU-2024:4318-1 Security update for the Linux Kernel			больше 1 года назад

Уязвимостей на страницу