Количество 19
Количество 19
CVE-2024-36905
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by zero in tcp_rcv_space_adjust() A socket makes the following state transitions, without ever calling tcp_init_transfer(), meaning tcp_init_buffer_space() is also not called. TCP_CLOSE connect() TCP_SYN_SENT TCP_SYN_RECV shutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN) TCP_FIN_WAIT1 To fix this issue, change tcp_shutdown() to not perform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition, which makes no sense anyway. When tcp_rcv_state_process() later changes socket state from TCP_SYN_RECV to TCP_ESTABLISH, then look at sk->sk_shutdown to finally enter TCP_FIN_WAIT1 state, and send a FIN packet from a sane socket state. This means tcp_send_fin() can now be called from BH context, and must use GFP_ATOMIC...
CVE-2024-36905
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by zero in tcp_rcv_space_adjust() A socket makes the following state transitions, without ever calling tcp_init_transfer(), meaning tcp_init_buffer_space() is also not called. TCP_CLOSE connect() TCP_SYN_SENT TCP_SYN_RECV shutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN) TCP_FIN_WAIT1 To fix this issue, change tcp_shutdown() to not perform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition, which makes no sense anyway. When tcp_rcv_state_process() later changes socket state from TCP_SYN_RECV to TCP_ESTABLISH, then look at sk->sk_shutdown to finally enter TCP_FIN_WAIT1 state, and send a FIN packet from a sane socket state. This means tcp_send_fin() can now be called from BH context, and must use GFP_ATOMIC...
CVE-2024-36905
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by zero in tcp_rcv_space_adjust() A socket makes the following state transitions, without ever calling tcp_init_transfer(), meaning tcp_init_buffer_space() is also not called. TCP_CLOSE connect() TCP_SYN_SENT TCP_SYN_RECV shutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN) TCP_FIN_WAIT1 To fix this issue, change tcp_shutdown() to not perform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition, which makes no sense anyway. When tcp_rcv_state_process() later changes socket state from TCP_SYN_RECV to TCP_ESTABLISH, then look at sk->sk_shutdown to finally enter TCP_FIN_WAIT1 state, and send a FIN packet from a sane socket state. This means tcp_send_fin() can now be called
CVE-2024-36905
In the Linux kernel, the following vulnerability has been resolved: t ...
BDU:2024-06522
Уязвимость компонента tcp ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
ROS-20240816-12
Множественные уязвимости kernel-lt
ELSA-2024-12779
ELSA-2024-12779: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2025:0035-1
Security update for the Linux Kernel
SUSE-SU-2024:4367-1
Security update for the Linux Kernel
RLSA-2024:5101
Important: kernel security update
ELSA-2024-5101
ELSA-2024-5101: kernel security update (IMPORTANT)
SUSE-SU-2024:4316-1
Security update for the Linux Kernel
SUSE-SU-2024:4376-1
Security update for the Linux Kernel
SUSE-SU-2024:4315-1
Security update for the Linux Kernel
SUSE-SU-2024:4314-1
Security update for the Linux Kernel
SUSE-SU-2024:4364-1
Security update for the Linux Kernel
ELSA-2024-9315
ELSA-2024-9315: kernel security update (MODERATE)
SUSE-SU-2024:4387-1
Security update for the Linux Kernel
SUSE-SU-2024:4318-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-36905 In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by zero in tcp_rcv_space_adjust() A socket makes the following state transitions, without ever calling tcp_init_transfer(), meaning tcp_init_buffer_space() is also not called. TCP_CLOSE connect() TCP_SYN_SENT TCP_SYN_RECV shutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN) TCP_FIN_WAIT1 To fix this issue, change tcp_shutdown() to not perform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition, which makes no sense anyway. When tcp_rcv_state_process() later changes socket state from TCP_SYN_RECV to TCP_ESTABLISH, then look at sk->sk_shutdown to finally enter TCP_FIN_WAIT1 state, and send a FIN packet from a sane socket state. This means tcp_send_fin() can now be called from BH context, and must use GFP_ATOMIC... | 0% Низкий | около 1 года назад | |
 | CVE-2024-36905 In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by zero in tcp_rcv_space_adjust() A socket makes the following state transitions, without ever calling tcp_init_transfer(), meaning tcp_init_buffer_space() is also not called. TCP_CLOSE connect() TCP_SYN_SENT TCP_SYN_RECV shutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN) TCP_FIN_WAIT1 To fix this issue, change tcp_shutdown() to not perform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition, which makes no sense anyway. When tcp_rcv_state_process() later changes socket state from TCP_SYN_RECV to TCP_ESTABLISH, then look at sk->sk_shutdown to finally enter TCP_FIN_WAIT1 state, and send a FIN packet from a sane socket state. This means tcp_send_fin() can now be called from BH context, and must use GFP_ATOMIC... | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-36905 In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by zero in tcp_rcv_space_adjust() A socket makes the following state transitions, without ever calling tcp_init_transfer(), meaning tcp_init_buffer_space() is also not called. TCP_CLOSE connect() TCP_SYN_SENT TCP_SYN_RECV shutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN) TCP_FIN_WAIT1 To fix this issue, change tcp_shutdown() to not perform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition, which makes no sense anyway. When tcp_rcv_state_process() later changes socket state from TCP_SYN_RECV to TCP_ESTABLISH, then look at sk->sk_shutdown to finally enter TCP_FIN_WAIT1 state, and send a FIN packet from a sane socket state. This means tcp_send_fin() can now be called | 0% Низкий | около 1 года назад | |
| CVE-2024-36905 In the Linux kernel, the following vulnerability has been resolved: t ... | 0% Низкий | около 1 года назад | |
 | BDU:2024-06522 Уязвимость компонента tcp ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 9.8 | 0% Низкий | около 1 года назад |
 | ROS-20240816-12 Множественные уязвимости kernel-lt | CVSS3: 9.8 | 10 месяцев назад | |
| ELSA-2024-12779 ELSA-2024-12779: Unbreakable Enterprise kernel security update (IMPORTANT) | 8 месяцев назад | ||
 | SUSE-SU-2025:0035-1 Security update for the Linux Kernel | 5 месяцев назад | ||
| SUSE-SU-2024:4367-1 Security update for the Linux Kernel | 6 месяцев назад | ||
 | RLSA-2024:5101 Important: kernel security update | 10 месяцев назад | ||
| ELSA-2024-5101 ELSA-2024-5101: kernel security update (IMPORTANT) | 11 месяцев назад | ||
| SUSE-SU-2024:4316-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2024:4376-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2024:4315-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2024:4314-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2024:4364-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| ELSA-2024-9315 ELSA-2024-9315: kernel security update (MODERATE) | 7 месяцев назад | ||
| SUSE-SU-2024:4387-1 Security update for the Linux Kernel | 6 месяцев назад | ||
| SUSE-SU-2024:4318-1 Security update for the Linux Kernel | 6 месяцев назад |
Уязвимостей на страницу