2567 matches found
CVE-2024-43856 dma: fix call order in dmam_free_coherent
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...
AZL-47962 CVE-2024-42302 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...
AZL-48048 CVE-2024-42302 affecting package kernel for versions less than 6.6.47.1-1
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...
UBUNTU-CVE-2024-42302
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...
kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge
CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...
kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge
CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...
kernel: USB: core: Fix access violation during port device removal
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge
CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...
The vulnerability of the netpoll_owner_active() function in the Linux operating system allows a hacker to compromise the accessibility of protected information.
The vulnerability of the netpollowneractive function in the net/core/netpoll.c module of the Linux kernel is related to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of the __dwc3_stop_active_transfer() function in the DesignWare USB3 driver for Linux operating systems allows a hacker to compromise the accessibility of protected information.
The vulnerability of the dwc3stopactivetransfer function in the drivers/usb/dwc3/gadget.c file of the DesignWare USB3 driver for the Linux operating system is related to concurrent access to resources race conditions. Exploiting this vulnerability could allow a attacker to compromise the...
The vulnerability of the register_winch_irq() function in the User-Mode Linux (UML) subsystem of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the registerwinchirq function in the arch/um/drivers/line.c file of the User-Mode Linux subsystem driver for the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow a...
PT-2024-25079 · Qualcomm · Snapdragon +92
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time...
kernel: GSM multiplexing race condition leads to privilege escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...
CVE-2024-41088
An infinite loop flaw was found in the MCP251xfd CAN driver in Linux Kernel that occurs when mcp251xfdstartxmit fails. Failure to transmit a message can lead to the driver halting message processing and getting stuck in an endless loop, particularly when multiple devices shared the same SPI...
DEBIAN-CVE-2024-42152
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
DEBIAN-CVE-2024-42149
In the Linux kernel, the following vulnerability has been resolved: fs: don't misleadingly warn during thaw operations The block device may have been frozen before it was claimed by a filesystem. Concurrently another process might try to mount that frozen block device and has temporarily claimed...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a possible concurrent list addition issue in the btrfs module when adding block groups to retry lists and unus...
UBUNTU-CVE-2024-41088
In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...
undertow: url-encoded request path information can be broken on ajp-listener
A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processe...
CVE-2022-48822
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of composition switch and at the same time ffsepfilerelease get called from userspace. ffsepfilerelease will fr...