In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.

ipvs: Defer ip_vs_ftp unregister during netns cleanup

In the Linux kernel, the following vulnerability has been resolved: i ...

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.

Уязвимость компонента net/netfilter/ipvs ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Security update for the Linux Kernel

Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4)

Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4)

Security update for the Linux Kernel (Live Patch 37 for SUSE Linux Enterprise 15 SP4)

Security update for the Linux Kernel (Live Patch 38 for SUSE Linux Enterprise 15 SP4)

Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)

Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)

Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5)

Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)

Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)

Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)

Security update for the Linux Kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5)

Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)