PT-2025-26040 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak issue in the Linux kernel's 9p protocol has been resolved. The problem occurred in the p9 read work error handling, where p9 req put needs to be called when...

PT-2025-18485 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A double-lock issue was reported by syzbot in the Linux kernel's 9p protocol, specifically in the trans fd/p9 conn cancel function. The lock is no longer needed after requests have bee...

PT-2025-18484 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the 9p protocol and file descriptor handling. Specifically, when the file descriptor refers to a pipe, th...

Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35905: Fixed int overflow for stack...

openSUSE: Security Advisory for qemu (SUSE-SU-2024:2977-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : qemu (SUSE-SU-2024:2977-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2977-1 advisory. - CVE-2023-2861: Fixed improper access control on special files via 9p protocol bsc1212968 - CVE-2024-4467: Fixed denial of service...

SUSE-SU-2024:2977-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2023-2861: Fixed improper access control on special files via 9p protocol bsc1212968 - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 Other fixes: - Fixed qemu build compilation with binutils...

CVE-2024-39463

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

PT-2023-33326 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.33 through 5.10.157 Description: A potential socket leak was identified in the p9 socket open function of the net/9p protocol. The issue was introduced in version v2.6.33 and fixed in version v5.10.158. The actual...

PT-2022-36585 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.334 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol implementation, where the client lock is dropped earlier than expected. This is an automated ID intended to a...

PT-2022-36128 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.80 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol implementation, where the client lock is dropped earlier than expected. The actual impact and attack...

PT-2022-35942 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol, where the client lock is dropped earlier than expected. This is an automated ID intended to aid in discovery ...

PT-2022-36464 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol implementation, where the client lock is dropped earlier than expected. The actual impact and attack...