It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.(CVE-2023-6270)
It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion).(CVE-2023-7192)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSET_EVAL to ensure legacy meters still work.(CVE-2024-26642)
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces() In this loop, we step through the buffer and after each item we check if the sizeleft is greater than the minimum size we need. However, the problem is that 'bytesleft' is type ssizet while sizeof() is type sizet. That means that because of type promotion, the comparison is done as an unsigned and if we have negative bytes left the loop continues instead of ending.(CVE-2024-26828)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element (CVE-2024-26924)