259 matches found
UBUNTU-CVE-2024-42250
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while...
CVE-2024-42250 cachefiles: add missing lock protection when polling
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while...
CVE-2024-42250
Technical details about CVE-2024-42250 (affected component, root cause, impact, and remediation) are not provided in the connected documents. Monitor vendor advisories for updates.
CVE-2024-42250 cachefiles: add missing lock protection when polling
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while...
CVE-2024-42250 cachefiles: add missing lock protection when polling
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a lack of lock protection in the cachefiles module during polling, requiring the addition of spinlocks to...
The vulnerability of the cachefiles_ondemand_daemon_read() function in the cachefiles file system of the Linux operating system allows a attacker to compromise the accessibility of protected information.
The vulnerability of the cachefilesondemanddaemonread function in the fs/cachefiles/ondemand.c file of the Linux kernel’s cachefiles file system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the accessibility of...
The vulnerability of the cachefiles_ondemand_daemon_read() function in the cachefiles file system of the Linux operating system allows a attacker to compromise the accessibility of protected information.
The vulnerability of the cachefilesondemanddaemonread function in the fs/cachefiles/ondemand.c file of the Linux kernel’s cachefile file system is related to the reutilization of previously freed memory due to competitive access to resources race condition. Exploiting this vulnerability could all...
SUSE CVE-2024-41050
In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...
SUSE CVE-2024-41051
In the Linux kernel, the following vulnerability has been resolved: cachefiles: wait for ondemandobjectworker to finish when dropping object When queuing ondemandobjectworker to re-open the object, cachefilesobject is not pinned. The cachefilesobject may be freed when the pending read request is...
SUSE CVE-2024-41057
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...
SUSE CVE-2024-41058
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in fscachewithdrawvolume We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...
SUSE CVE-2024-41074
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set object to close if ondemandid 0 in copen If copen is maliciously called in the user mode, it may delete the request corresponding to the random id. And the request may have not been read yet. Note that when the...
SUSE CVE-2024-41075
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...
CVE-2024-41075
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...
CVE-2024-41050
In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...
CVE-2024-41075
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...
DEBIAN-CVE-2024-41075
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...
DEBIAN-CVE-2024-41074
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set object to close if ondemandid 0 in copen If copen is maliciously called in the user mode, it may delete the request corresponding to the random id. And the request may have not been read yet. Note that when the...
CVE-2024-41050
In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...