
Linux Kernel Vulnerabilities CVE-2024-56615, CVE-2024-56626, and CVE-2024-56627 in BPF devmap and ksmbd

Updated January 13, 2026 at 07:22 PM · 3 sources

F5 published security advisories for multiple Linux kernel vulnerabilities, including CVE-2024-56615, a bug in BPF map handling where signed integer indexing in DEVMAP/XSKMAP can lead to out-of-bounds (OOB) writes during element deletion and map free operations. The described fix changes the index and iterator types from `int` to `u32` to prevent OOB access; the advisory details include an example kernel crash trace originating in `dev_map_free()`.

F5 also documented CVE-2024-56626 and CVE-2024-56627 affecting the in-kernel SMB server ksmbd when `vfs objects = streams_xattr` is configured in `ksmbd.conf`: a client-supplied negative offset can trigger an OOB write in `ksmbd_vfs_stream_write` (CVE-2024-56626) and an OOB read in `ksmbd_vfs_stream_read` (CVE-2024-56627). In all three advisories, F5 states there is no impact to F5 products (either not affected or previously resolved) and provides no customer action beyond standard kernel patching practices in affected environments.
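The two signedness failures described above, as an added example that is not taken from the F5 advisories or the kernel source: a simplified C model in which an `int` index passes an unsigned bound check yet is negative when used, and a signed offset passes an upper-bound-only check. All function names, sizes and values are hypothetical; the `u32` variant mirrors the fix the advisory describes, while the hardened offset check is an assumed mitigation.

```c
#include <stdbool.h>
#include <stdint.h>
/* Simplified model, not kernel source; names and values are constructed.
 * Functions report the position that would be accessed, touching no memory. */

/* Signed index: the bound check compares as unsigned, the slot is signed. */
static bool slot_int(uint32_t key, uint32_t max_entries, int64_t *slot)
{
    int k = (int)key;                  /* wraps negative above INT_MAX */
    if ((uint32_t)k >= max_entries)    /* what `k >= max_entries` compiles to */
        return false;
    *slot = k;                         /* array[k] would use this value */
    return true;
}

/* Same check with the index kept as u32, as in the described fix. */
static bool slot_u32(uint32_t key, uint32_t max_entries, int64_t *slot)
{
    uint32_t k = key;
    if (k >= max_entries)
        return false;
    *slot = k;
    return true;
}

/* Stream offset: upper bound only, so a negative offset is accepted. */
static bool stream_range_weak(int64_t pos, int64_t count, int64_t cap)
{
    return pos + count <= cap;
}

/* Hardened: reject negative values before the upper-bound test. */
static bool stream_range_checked(int64_t pos, int64_t count, int64_t cap)
{
    if (pos < 0 || count < 0 || count > cap)
        return false;
    return pos <= cap - count;
}

int main(void)
{
    int64_t a = 0, b = 0;
    bool bad = slot_int(0x80000001u, 0x80000002u, &a) && a < 0;
    bool good = slot_u32(0x80000001u, 0x80000002u, &b) && b > 0;
    bool weak = stream_range_weak(-16, 8, 64);      /* accepted */
    bool hard = stream_range_checked(-16, 8, 64);   /* rejected */
    return (bad && good && weak && !hard) ? 0 : 1;
}
```

In this model the signed variant only misbehaves when the map holds more than `INT_MAX` entries, which is why the defect surfaces as a type problem rather than a missing check.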


Related Stories

Linux Kernel Vulnerability CVE-2025-21887 and Vendor Impact Assessments

A use-after-free vulnerability identified as CVE-2025-21887 was discovered in the Linux kernel's OverlayFS implementation, specifically involving improper handling of the `dput()` operation in `ovl_dentry_update_reval`. This flaw could potentially allow local attackers to exploit the kernel, but F5 has confirmed that none of its products are affected by this vulnerability. The issue has been resolved in the upstream Linux kernel, and vendors have begun evaluating and addressing the impact on their respective products. Red Hat and Ubuntu have both issued security advisories urging users and administrators to apply updates to address vulnerabilities in the Linux kernel across multiple supported versions and platforms. These advisories are part of a coordinated response to recent kernel vulnerabilities, including CVE-2025-21887, ensuring that enterprise and cloud environments remain protected. Organizations are encouraged to review vendor-specific guidance and implement the recommended patches to mitigate potential risks associated with this kernel flaw.

4 months ago

Multiple F5 Security Advisories for Third-Party Vulnerabilities

F5 Networks has issued a series of security advisories addressing recently disclosed vulnerabilities in various third-party software components, including LibTIFF, GnuTLS, Samba, SQLite, Apache HTTP Server, gnuplot, and the Linux kernel (brcmfmac). Each advisory provides a technical summary of the vulnerability, its potential impact, and the results of F5's internal evaluation regarding exposure in their products. In all cases except for the SQLite vulnerability (CVE-2019-8457), F5 confirmed that their products are not affected and no action is required for customers using supported versions. The SQLite advisory (CVE-2019-8457) details a heap out-of-bounds read issue that could allow a remote, low-privileged user to crash the system by providing a maliciously crafted R-Tree table. F5 has assigned internal tracking IDs and provided guidance for customers to determine if their products are affected, including references to diagnostic tools and remediation steps. These advisories reflect F5's ongoing process of evaluating and communicating the impact of upstream vulnerabilities on their product portfolio, ensuring customers are informed about potential risks and mitigations.

3 months ago

Multiple Security Advisories for Major Software Products (January 2026)

Vendors including Ubuntu, IBM, VMware, Microsoft, Google, and F5 released security advisories and updates between January 5 and 12, 2026, addressing vulnerabilities across a range of widely used products. Notable issues include a high-severity vulnerability (CVE-2026-0628) in Google Chrome’s WebView component, which could allow malicious extensions or payloads to bypass security controls and inject scripts or HTML into privileged pages, as well as a Linux kernel vulnerability (CVE-2024-56614) that could result in out-of-bounds writes and potential memory corruption. Updates were also issued for Ubuntu Linux kernel packages, IBM Cloud Pak and related software, VMware Tanzu Greenplum Backup and Restore, and Microsoft Edge, with users urged to apply patches promptly to mitigate risk. The Linux kernel vulnerability (CVE-2024-56614) was specifically highlighted by F5, describing how improper bounds checking in the `xsk_map_delete_elem` function could lead to out-of-bounds memory access and system instability. Google’s Chrome update not only patched a critical security flaw but also introduced new rate limits for push notifications to reduce notification spam. The advisories from Ubuntu, IBM, VMware, and Microsoft Edge all emphasized the importance of applying the latest updates to address recently disclosed vulnerabilities and maintain system security across enterprise and consumer environments.

2 months ago
