CVE-2024-41051

In the Linux kernel, the following vulnerability has been resolved: cachefiles: wait for ondemandobjectworker to finish when dropping object When queuing ondemandobjectworker to re-open the object, cachefilesobject is not pinned. The cachefilesobject may be freed when the pending read request is...

CVE-2024-41057

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...

DEBIAN-CVE-2024-41051

In the Linux kernel, the following vulnerability has been resolved: cachefiles: wait for ondemandobjectworker to finish when dropping object When queuing ondemandobjectworker to re-open the object, cachefilesobject is not pinned. The cachefilesobject may be freed when the pending read request is...

DEBIAN-CVE-2024-41058

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in fscachewithdrawvolume We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...

DEBIAN-CVE-2024-41057

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...

DEBIAN-CVE-2024-41050

In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...

UBUNTU-CVE-2024-41058

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in fscachewithdrawvolume We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...

UBUNTU-CVE-2024-41075

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...

UBUNTU-CVE-2024-41050

In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...

UBUNTU-CVE-2024-41074

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set object to close if ondemandid 0 in copen If copen is maliciously called in the user mode, it may delete the request corresponding to the random id. And the request may have not been read yet. Note that when the...

UBUNTU-CVE-2024-41057

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...

UBUNTU-CVE-2024-41051

In the Linux kernel, the following vulnerability has been resolved: cachefiles: wait for ondemandobjectworker to finish when dropping object When queuing ondemandobjectworker to re-open the object, cachefilesobject is not pinned. The cachefilesobject may be freed when the pending read request is...

CVE-2024-41075 cachefiles: add consistency check for copen/cread

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...

CVE-2024-41075 cachefiles: add consistency check for copen/cread

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...

CVE-2024-41075

CVE-2024-41075 affects the Linux kernel cachefiles subsystem. The vulnerability arises in copen/cread handling, where insufficient consistency checks could permit a malicious process to complete arbitrary open/read requests, potentially crashing the system. The fixed approach adds explicit checks...

CVE-2024-41074 cachefiles: Set object to close if ondemand_id < 0 in copen

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set object to close if ondemandid 0 in copen If copen is maliciously called in the user mode, it may delete the request corresponding to the random id. And the request may have not been read yet. Note that when the...

CVE-2024-41074

Technical details for CVE-2024-41074 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

CVE-2024-41074 cachefiles: Set object to close if ondemand_id < 0 in copen

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set object to close if ondemandid 0 in copen If copen is maliciously called in the user mode, it may delete the request corresponding to the random id. And the request may have not been read yet. Note that when the...

CVE-2024-41074 cachefiles: Set object to close if ondemand_id < 0 in copen

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set object to close if ondemandid 0 in copen If copen is maliciously called in the user mode, it may delete the request corresponding to the random id. And the request may have not been read yet. Note that when the...

CVE-2024-41058 cachefiles: fix slab-use-after-free in fscache_withdraw_volume()

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in fscachewithdrawvolume We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN: slab-use-after-free in...