89 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not truncating the address space when flipping the GFS2DIFJDATA flag. An attacker exploiting this vulnerability...
DEBIAN-CVE-2024-49956
In the Linux kernel, the following vulnerability has been resolved: gfs2: fix double destroyworkqueue error When gfs2fillsuper fails, destroyworkqueue is called within gfs2glhashclear, and the subsequent code path calls destroyworkqueue on the same work queue again. This issue can be fixed by...
USN-7039-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Input Device Tablet drivers; - Modular ISDN driver; - Multiple devices driver; - Network drivers; -...
kernel: gfs2: Fix potential glock use-after-free on unmount
A vulnerability was found in the Linux kernel within the gfs2 component, where potential use-after-free issues could occur on unmount. When DLM lockspaces are released with remaining locks, callbacks for asynchronous lock contention may access freed objects, causing unexpected behavior...
gfs2: Fix potential glock use-after-free on unmount
...
kernel: gfs2: Fix potential glock use-after-free on unmount
A vulnerability was found in the Linux kernel within the gfs2 component, where potential use-after-free issues could occur on unmount. When DLM lockspaces are released with remaining locks, callbacks for asynchronous lock contention may access freed objects, causing unexpected behavior...
CLSA-2024-1724753960 Fix CVE(s): CVE-2023-52760, CVE-2024-35835, CVE-2024-39484, CVE-2024-39487
CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2qddealloc CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip...
kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
A NULL pointer dereference flaw was found in the Linux kernel when accessing the rgd-rdrgl in the gfs2rgrpdump function. This issue may lead to a crash...
SUSE CVE-2024-38570
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. Commit fb6791d100d1b started exploiting this behavior t...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in gfs2...
SUSE CVE-2023-52760
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2qddealloc In gfs2putsuper, whether withdrawn or not, the quota should be cleaned up by gfs2quotacleanup. Otherwise, struct gfs2sbd will be freed before gfs2qddealloc rcu callback has run for a...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a NULL pointer dereference in gfs2rgrpdump...
kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()
A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. This flaw allows a privileged local user to cause ...
USN-6396-3 linux-azure vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...
USN-6396-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...
USN-6339-3 linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-raspi vulnerabilities
It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...
Medium: kernel
Issue Overview: A flaw in the Linux Kernel found in the GFS2 file system. On corrupted gfs2 file systems the evict code can try to reference the journal descriptor structure, jdesc, after it has been freed and set to NULL. It can lead to null pointer dereference when gfs2transbegin being called a...
OESA-2023-1395 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch...
DEBIAN-CVE-2023-3212
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a...
SUSE CVE-2010-2798
The gfs2direntfindspace function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service NULL pointer dereference and panic and possibly have unspecified other...