Showing 1 - 4 of 4

CVE-2024-27020

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process.

Related Files

Ubuntu Security Notice USN-6926-3: Posted Aug 12, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6926-3 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-46343, CVE-2023-52436, CVE-2023-52444, CVE-2023-52449, CVE-2023-52469, CVE-2023-52752, CVE-2024-25739, CVE-2024-25744, CVE-2024-26857, CVE-2024-26882, CVE-2024-26923, CVE-2024-27020, CVE-2024-35978, CVE-2024-35997; SHA-256 | 67f80c016324f30ff3664a941b9a12abe1b24c7c9def9edb0d9cde6176d5315c; Download | Favorite | View

Ubuntu Security Notice USN-6926-2: Posted Aug 2, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6926-2 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-46343, CVE-2023-52435, CVE-2023-52436, CVE-2023-52443, CVE-2023-52444, CVE-2023-52449, CVE-2023-52752, CVE-2024-25739, CVE-2024-25744, CVE-2024-26882, CVE-2024-26901, CVE-2024-26923, CVE-2024-27020, CVE-2024-35978; SHA-256 | 2d46229c1bb410100a951de8431f990f91bf51ba7ec8b3772ca11b05a1a2247c; Download | Favorite | View

Ubuntu Security Notice USN-6938-1: Posted Aug 1, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6938-1 - It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a bitmap. A local attacker could use this to cause a denial of service. é»„æ€èª discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2021-46932, CVE-2021-46960, CVE-2022-48619, CVE-2023-46343, CVE-2023-52444, CVE-2023-52449, CVE-2023-52620, CVE-2024-24857, CVE-2024-25739, CVE-2024-26840, CVE-2024-26884, CVE-2024-26886, CVE-2024-26934, CVE-2024-27020; SHA-256 | 2b1fe74bf4e050be2f9b24272b13e4eb597cb8e2474c9e01998d2ad12881b722; Download | Favorite | View

Ubuntu Security Notice USN-6926-1: Posted Jul 29, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6926-1 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-46343, CVE-2023-52436, CVE-2023-52444, CVE-2023-52449, CVE-2023-52469, CVE-2023-52752, CVE-2024-25739, CVE-2024-25744, CVE-2024-26857, CVE-2024-26882, CVE-2024-26923, CVE-2024-27020, CVE-2024-35978, CVE-2024-35997; SHA-256 | 5946767f63c59a1b35d467132768a7ffe22b7db995b64fbe9e4a10be86c172d9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 52 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,960)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,989)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2024-27020

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems