122 matches found
PT-2025-34431
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the cpu_switch_to() and call_on_irq_stack() functions related to stack manipulation and the Shadow Call Stack. Interruptions during stack changes can le...
PT-2026-2863
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the __scs_magic() function within the shadow call stack (SCS) implementation. The function requires a 'void *' variable but receives a 'struct task...
CVE-2024-46789
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook. When enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, the following warning always occurs. This is because the following call stack occurred: mempool_alloc...
CVE-2024-46789 mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook. When enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, the following warning always occurs. This is because the following call stack occurred: mempool_alloc...
CVE-2024-46789
CVE-2024-46789 (Linux kernel) details from connected documents show a concrete fix: in mm/slub, the tagging logic now checks s->flags in alloc_tagging_slab_free_hook to avoid calling alloc_tag_add when SLAB_NO_OBJ_EXT or SLAB_NOLEAKTRACE are set. This prevents the NULL ref (ref->ct) and the...
BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!
A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
Contributors:
Contributor | Twitter | Notable Contributions
---|---|---
Bobby Cooke | @0xBoku | Project original author and maintainer
Santiago Pecin | @s4ntiago...
CVE-2024-36930 spi: fix null pointer dereference within spi_sync
In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spi_sync. If spi_sync() is called with the non-empty queue and the same spi_message is then reused, the complete callback for the message remains set while the context is cleared, leading to a...
SUSE CVE-2021-47553
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu(). To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
CVE-2021-47553
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu(). To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
DEBIAN-CVE-2021-47553
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu(). To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
CVE-2021-47553
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu(). To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
CVE-2021-47553
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu(). To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
UBUNTU-CVE-2021-47553
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu(). To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
CVE-2021-47553 sched/scs: Reset task stack state in bringup_cpu()
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu(). To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
CVE-2021-47553
The CVE describes a Linux kernel issue (CVE-2021-47553) in the SCS and KASAN shadow stack handling for the idle task during CPU hotplug (bringup_cpu). When a CPU is offline and brought back online, stale KASAN shadow and stale shadow call stack (SCS) state could lead to bogus warnings or leak por...
CVE-2024-36013 Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect(). Extend a critical section to prevent chan from early freeing. Also make the l2cap_connect() return type void. Nothing is using the returned value but it is ugly to return a...
CVE-2024-35796
A flaw was found in the ll_temac driver for networking in the Linux kernel, which incorrectly replaces the platform_get_resource function with an inappropriate function. This issue could lead to incorrect resource handling, potentially resulting in system instability or crashes. Mitigation Mitigatio...
CVE-2024-35796 net: ll_temac: platform_get_resource replaced by wrong function
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function. The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in platform_get_resource_byname...
CVE-2024-35796 net: ll_temac: platform_get_resource replaced by wrong function
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function. The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in platform_get_resource_byname...
CVE-2024-26715 usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend. In current scenario if Plug-out and Plug-In performed continuously there could be a chance while checking for dwc->gadget_driver in dwc3_gadget_suspend, a NULL...