Количество 20
Количество 20
CVE-2024-36979
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_group net/bridge/br_privat...
CVE-2024-36979
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_group net/bridge/br_privat...
CVE-2024-36979
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_group n
CVE-2024-36979
In the Linux kernel, the following vulnerability has been resolved: n ...
GHSA-355p-v6gf-92vj
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_grou...
BDU:2024-06058
Уязвимость функции br_mst_set_state() реализации протокола IEEE 802.1D ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
SUSE-SU-2025:0268-1
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
SUSE-SU-2025:0263-1
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
SUSE-SU-2025:0269-1
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
SUSE-SU-2025:0265-1
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
SUSE-SU-2025:0262-1
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
SUSE-SU-2025:0255-1
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
RLSA-2024:6567
Moderate: kernel security update
ELSA-2024-6567
ELSA-2024-6567: kernel security update (MODERATE)
ROS-20241129-01
Множественные уязвимости kernel-lt
RLSA-2024:5101
Important: kernel security update
ELSA-2024-5101
ELSA-2024-5101: kernel security update (IMPORTANT)
SUSE-SU-2024:3195-1
Security update for the Linux Kernel
SUSE-SU-2024:3383-1
Security update for the Linux Kernel
SUSE-SU-2024:3194-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-36979 In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_group net/bridge/br_privat... | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | CVE-2024-36979 In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_group net/bridge/br_privat... | CVSS3: 6.6 | 0% Низкий | около 1 года назад |
 | CVE-2024-36979 In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_group n | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| CVE-2024-36979 In the Linux kernel, the following vulnerability has been resolved: n ... | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| GHSA-355p-v6gf-92vj In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock. [1] WARNING: suspicious RCU usage 6.9.0-rc6-syzkaller #0 Not tainted ----------------------------- net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage! ... stack backtrace: CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712 nbp_vlan_grou... | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | BDU:2024-06058 Уязвимость функции br_mst_set_state() реализации протокола IEEE 802.1D ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | SUSE-SU-2025:0268-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) | 5 месяцев назад | ||
| SUSE-SU-2025:0263-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) | 5 месяцев назад | ||
| SUSE-SU-2025:0269-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) | 5 месяцев назад | ||
| SUSE-SU-2025:0265-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) | 5 месяцев назад | ||
| SUSE-SU-2025:0262-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) | 5 месяцев назад | ||
| SUSE-SU-2025:0255-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6) | 5 месяцев назад | ||
 | RLSA-2024:6567 Moderate: kernel security update | 9 месяцев назад | ||
| ELSA-2024-6567 ELSA-2024-6567: kernel security update (MODERATE) | 9 месяцев назад | ||
 | ROS-20241129-01 Множественные уязвимости kernel-lt | CVSS3: 8.8 | 7 месяцев назад | |
| RLSA-2024:5101 Important: kernel security update | 10 месяцев назад | ||
| ELSA-2024-5101 ELSA-2024-5101: kernel security update (IMPORTANT) | 11 месяцев назад | ||
| SUSE-SU-2024:3195-1 Security update for the Linux Kernel | 9 месяцев назад | ||
| SUSE-SU-2024:3383-1 Security update for the Linux Kernel | 9 месяцев назад | ||
| SUSE-SU-2024:3194-1 Security update for the Linux Kernel | 9 месяцев назад |
Уязвимостей на страницу