kernel: cachefiles: fix dentry leak in cachefiles_open_file()

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefilesopenfile A dentry leak may be caused when a lookup cookie and a cull are concurrent: P1 | P2 ----------------------------------------------------------- cachefileslookupcookie...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file...

The vulnerability of the cachefiles_daemon_open() function in the cachefiles component of the Linux operating system allows a hacker to gain elevated privileges within the system.

The vulnerability of the cachefilesdaemonopen function in the cachefiles component of the Linux kernel is related to a memory leak. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerabilities of the functions cachefiles_open_file(), fput(), and cachefiles_look_up_object() of the CacheFiles component in the Linux kernel allow a hacker to cause a service failure.

The vulnerabilities of the functions cachefilesopenfile, fput, and cachefileslookupobject in the CacheFiles component of the Linux kernel are related to the lack of memory release after the effective lifespan of these functions has ended. Exploiting these vulnerabilities could allow an attacker t...

Linux Distros Unpatched Vulnerability : CVE-2024-49870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: fix dentry leak in cachefilesopenfile A dentry leak may be caused when a lookup cookie and a cull are concurrent: P1 | P2...

Linux Distros Unpatched Vulnerability : CVE-2024-46748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: Set the max subreq size for cache writes to MAXRWCOUNT Set the maximum size of a subrequest that writes to cachefiles to be MAXRWCOUNT so that we...

Linux Distros Unpatched Vulnerability : CVE-2024-26840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: fix memory leak in cachefilesaddcache The following memory leak was reported after unbinding /dev/cachefiles:...

Linux Distros Unpatched Vulnerability : CVE-2024-40935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILESDEAD In ondemand mode, when the daemo...

Linux Distros Unpatched Vulnerability : CVE-2024-41050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain...

Linux Distros Unpatched Vulnerability : CVE-2022-49062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of- bounds in cachefilessetvolumexattr Use the actual length ...

Linux Distros Unpatched Vulnerability : CVE-2024-41057

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie We got the following issue ...

SUSE CVE-2022-49062

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

SUSE CVE-2022-49064

In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...

DEBIAN-CVE-2022-49064

In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...

CVE-2022-49062

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

CVE-2022-49064

In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...

DEBIAN-CVE-2022-49062

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

UBUNTU-CVE-2022-49064

In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...

UBUNTU-CVE-2022-49062

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

CVE-2022-49064

CVE-2022-49064 affects the Linux kernel's cachefiles code. The issue is an in-use flag leakage in error paths: in cachefiles_open_file(), an in-use flag could leak and cause the system to log “Inode already in use” on subsequent lookups; in cachefiles_create_tmpfile() this leakage could occur wit...