Linux · Linux Kernel · CVE-2021-47555
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to a memory leak in the Linux kernel's VLAN component. When a dummy netdevice is removed, it can cause an underflow of the reference count for the real device, leading to a memory leak and an endless loop. This is because `dev_put(real_dev)` is called in `vlan_dev_free()` without a corresponding `dev_hold(real_dev)` in `register_vlan_dev()`. To fix this, `dev_hold(real_dev)` is moved to `vlan_dev_init()`, which is the callback for `ndo_init()`, making `dev_hold()` and `dev_put()` symmetrical for the VLAN's real device.
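The hold/put asymmetry described above, reduced to a user-space C model (an added example, not kernel code and not the upstream patch). The `struct netdev` stand-in, the `fail_early` flag that makes the register step skip its hold, and the baseline count of 1 are assumptions of the model.

```c
/* User-space model of the real_dev refcount asymmetry; not kernel code. */
#include <stdio.h>
#include <stdbool.h>

struct netdev { int refcnt; };            /* stand-in for the real device */

static void dev_hold(struct netdev *d) { d->refcnt++; }
static void dev_put(struct netdev *d)  { d->refcnt--; }

/* Model of the VLAN destructor: it always drops the real device's reference. */
static void vlan_dev_free(struct netdev *real_dev) { dev_put(real_dev); }

/* Before the fix: the hold lives in the register step, so a register that
 * bails out early (fail_early, an assumption of this model) never takes it. */
static void vlan_lifecycle_buggy(struct netdev *real_dev, bool fail_early)
{
    if (!fail_early)
        dev_hold(real_dev);               /* hold inside register_vlan_dev() */
    vlan_dev_free(real_dev);              /* teardown puts unconditionally */
}

/* After the fix: the hold lives in the init callback, paired with the free. */
static void vlan_lifecycle_fixed(struct netdev *real_dev, bool fail_early)
{
    (void)fail_early;                     /* register outcome no longer matters */
    dev_hold(real_dev);                   /* hold inside vlan_dev_init() */
    vlan_dev_free(real_dev);
}

/* One VLAN create/destroy on top of a real device that starts with its own
 * reference (1), then the real device is removed. 0 = balanced, <0 = underflow. */
int final_refcnt(bool fixed, bool fail_early)
{
    struct netdev real = { .refcnt = 1 };
    if (fixed) vlan_lifecycle_fixed(&real, fail_early);
    else       vlan_lifecycle_buggy(&real, fail_early);
    dev_put(&real);                       /* real device drops its own reference */
    return real.refcnt;
}

int main(void)
{
    printf("buggy, normal path: %d\n", final_refcnt(false, false));
    printf("buggy, early fail:  %d\n", final_refcnt(false, true));
    printf("fixed, early fail:  %d\n", final_refcnt(true, true));
    return 0;
}
```

A negative result in the model corresponds to the underflow the description refers to: the real device's count never settles at the value its removal path expects.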
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.