CLSA-2024-1718789388 Fix CVE(s): CVE-2024-5458

SECURITY UPDATE: filter bypass in filtervar FILTERVALIDATEURL - debian/patches/CVE-2024-5458.patch: Fix validation of ipv6 hostname to check all conditions and extract condition to separate function - CVE-2024-5458...

DEBIAN-CVE-2021-47550

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix potential memleak In function amdgpugetxgmihive, when kobjectinitandadd failed There is a potential memleak if not call kobjectput...

DEBIAN-CVE-2021-47495

In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket maxpacket of 0 makes no sense and oopses as we need to divide by it. Give up. V2: fixed typo in log and stylistic issues...

DEBIAN-CVE-2023-52770

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extentcache Let's allocate the extentcache tree without dynamic conditions to avoid a missing condition causing a panic as below. create a file w/ a compressed flag disable the...

DEBIAN-CVE-2021-47336

In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smksetcipso Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: PATCH smackfs: restrict byt...

CLSA-2024-1716272474 Fix CVE(s): CVE-2023-49288

SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintentional freeing in TRACE request handler - CVE-2023-49288...

DEBIAN-CVE-2024-35947

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser Fix a BUGON from 2009. Even if it looks "unreachable" I didn't really look, lets make sure by removing it, doing prerr and return -EINVAL instead...

DEBIAN-CVE-2024-35943

In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omapprmdomaininit devmkasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

DEBIAN-CVE-2024-35837

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

DEBIAN-CVE-2023-52669

In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...

DEBIAN-CVE-2024-27404

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remoteid Similar to the previous patch, address the data race on remoteid, adding the suitable ONCE annotations...

CLSA-2024-1715673753 Fix CVE(s): CVE-2024-32487

SECURITY UPDATE: quoting is mishandled in filename.c. - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487...

DEBIAN-CVE-2022-48695

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcountt: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28...

DEBIAN-CVE-2024-27074

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, bouncei.e. go-bootfw, is allocated without a deallocation thereafter. After the following call chain: saa7134go7007init |- go7007bootencoder |-...

DEBIAN-CVE-2024-27051

In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreqcpuget's return value cpufreqcpuget may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center linuxtesting.org with...

DEBIAN-CVE-2024-27037

In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...

DEBIAN-CVE-2024-26952

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to -Buffer offset to...

DEBIAN-CVE-2024-26843

In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size mdsize will have been narrowed if we have = 4GB worth of pages in a soft-reserved region...

DEBIAN-CVE-2024-26838

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. 50006.466686 Call Trace: 50006.466691 50006.489538 dumpstack+0x5c/0x80 50006.493475...

DEBIAN-CVE-2024-26840

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefilesaddcache The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0...