Vasiliy Kovalev

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc3-std-def-alt1 #1 Description: The vulnerability is related to a use-after-free and null pointer dereference issue in the gtp genl dump pdp function. This issue can cause a general protection fault, potentially leading to a denial of service. The gtp net ops pernet operations structure for the subsystem must be registered before registering the generic netlink family. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to the `devlink init()` function in the Linux kernel, which is associated with the reuse of previously freed memory. This could allow an attacker to cause a denial of service. The problem arises because the pernet operations structure for the subsystem must be registered before registering the generic netlink family. In case of unsuccessful registration, an unregister operation should be performed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a use-after-free vulnerability in the Linux kernel's IPv6 implementation, specifically in the `seg6 init()` function. This vulnerability can be exploited to cause a denial of service. The problem arises from the incorrect registration order of the pernet operations structure for the subsystem and the generic netlink family. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.