Количество 19
Количество 19
CVE-2024-26583
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires.
CVE-2024-26583
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires.
CVE-2024-26583
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires.
CVE-2024-26583
CVE-2024-26583
In the Linux kernel, the following vulnerability has been resolved: t ...
GHSA-j737-8h5g-42g9
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires.
BDU:2024-01589
Уязвимость функции tls_decrypt_done (net/tls/tls_sw.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20240813-01
Множественные уязвимости kernel-lt
SUSE-SU-2024:2923-1
Security update for the Linux Kernel
SUSE-SU-2024:2948-1
Security update for the Linux Kernel
SUSE-SU-2024:3499-1
Security update for the Linux Kernel
ELSA-2024-2394
ELSA-2024-2394: kernel security, bug fix, and enhancement update (IMPORTANT)
RLSA-2024:4211
Important: kernel security and bug fix update
ELSA-2024-4211
ELSA-2024-4211: kernel security and bug fix update (IMPORTANT)
SUSE-SU-2024:3249-1
Security update for the Linux Kernel
SUSE-SU-2024:2929-1
Security update for the Linux Kernel
SUSE-SU-2024:2947-1
Security update for the Linux Kernel
SUSE-SU-2024:2894-1
Security update for the Linux Kernel
SUSE-SU-2024:2939-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires. | CVSS3: 4.7 | 0% Низкий | больше 1 года назад |
 | CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires. | CVSS3: 5.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires. | CVSS3: 4.7 | 0% Низкий | больше 1 года назад |
 | CVSS3: 4.7 | 0% Низкий | больше 1 года назад | |
| CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: t ... | CVSS3: 4.7 | 0% Низкий | больше 1 года назад |
| GHSA-j737-8h5g-42g9 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires. | CVSS3: 4.7 | 0% Низкий | больше 1 года назад |
 | BDU:2024-01589 Уязвимость функции tls_decrypt_done (net/tls/tls_sw.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 4.7 | 0% Низкий | больше 1 года назад |
 | ROS-20240813-01 Множественные уязвимости kernel-lt | CVSS3: 10 | 10 месяцев назад | |
 | SUSE-SU-2024:2923-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2948-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:3499-1 Security update for the Linux Kernel | 9 месяцев назад | ||
| ELSA-2024-2394 ELSA-2024-2394: kernel security, bug fix, and enhancement update (IMPORTANT) | около 1 года назад | ||
 | RLSA-2024:4211 Important: kernel security and bug fix update | 11 месяцев назад | ||
| ELSA-2024-4211 ELSA-2024-4211: kernel security and bug fix update (IMPORTANT) | 12 месяцев назад | ||
| SUSE-SU-2024:3249-1 Security update for the Linux Kernel | 9 месяцев назад | ||
| SUSE-SU-2024:2929-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2947-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2894-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2939-1 Security update for the Linux Kernel | 10 месяцев назад |
Уязвимостей на страницу