674 matches found
kernel: PCI/PM: Drain runtime-idle callbacks before driver removal
A vulnerability was found in the PCI subsystem in the Linux kernel, where runtime-idle callbacks are not always drained before a PCI driver is removed. If these callbacks are still active when the driver is removed, it could result in system instability or crashes...
kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers
A use-after-free was found in drivers/gpu/drm/i915/gt/intelggttfencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...
kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers
A use-after-free was found in drivers/gpu/drm/i915/gt/intelggttfencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...
kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers
A use-after-free was found in drivers/gpu/drm/i915/gt/intelggttfencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...
CVE-2024-46861
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly e.g. bad NCM framing Lack of memory None of these should cause the driver to seize u...
AZL-49895 CVE-2024-46861 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly e.g. bad NCM framing Lack of memory None of these should cause the driver to seize u...
CVE-2024-46861
CVE-2024-46861 - Linux kernel USB net driver (usbnet/ipheth) : The issue arises when RX callbacks fail in usbnet ipheth; causes could be payload too short, incorrect payload framing (e.g., bad NCM framing), or memory pressure. These failures previously could cause the driver to seize up. The docu...
kernel: gfs2: Fix potential glock use-after-free on unmount
A vulnerability was found in the Linux kernel within the gfs2 component, where potential use-after-free issues could occur on unmount. When DLM lockspaces are released with remaining locks, callbacks for asynchronous lock contention may access freed objects, causing unexpected behavior...
kernel: PCI/PM: Drain runtime-idle callbacks before driver removal
A vulnerability was found in the PCI subsystem in the Linux kernel, where runtime-idle callbacks are not always drained before a PCI driver is removed. If these callbacks are still active when the driver is removed, it could result in system instability or crashes...
kernel: PCI/PM: Drain runtime-idle callbacks before driver removal
A vulnerability was found in the PCI subsystem in the Linux kernel, where runtime-idle callbacks are not always drained before a PCI driver is removed. If these callbacks are still active when the driver is removed, it could result in system instability or crashes...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
SUSE CVE-2024-46715
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
CVE-2024-46770
In the Linux kernel, the following vulnerability has been resolved: ice: Add netifdeviceattach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL pointer dereference seen...
AZL-55228 CVE-2024-46715 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
DEBIAN-CVE-2024-46715
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...