UBUNTU-CVE-2023-54276

In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu replycachestats counters back to nfsdinitnet Commit f5f9d4a314da "nfsd: move reply cache initialization into nfsd startup" moved the initialization of the reply cache into nfsd startup, but didn't accoun...

UBUNTU-CVE-2022-50888

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5wcssinitmmio q6v5wcssinitmmio will call platformgetresourcebyname that may fail and return NULL. devmioremap will use res-start as input, which may causes null-ptr-deref...

UBUNTU-CVE-2023-54206

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...

UBUNTU-CVE-2023-54167

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

UBUNTU-CVE-2023-54309

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmvtpmproxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by initializing 'workqueu...

CVE-2022-50825

In the Linux kernel, the following vulnerability has been resolved: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801probe I got the following report while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 4, ofnodeget/ofnodeput unbalanced - destroy cset...

UBUNTU-CVE-2022-50820

In the Linux kernel, the following vulnerability has been resolved: perf/armdmc620: Fix hotplug callback leak in dmc620pmuinit dmc620pmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path. Simil...

UBUNTU-CVE-2022-50847

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

UBUNTU-CVE-2022-50850

In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call unregisterrebootnotifier when pciregisterdriver fails. notifier callback iprhalt ipr...

CVE-2023-54316

CVE-2023-54316 affects the Linux kernel refscale subsystem. The issue is a race where init_waitqueue_head() may be called after torture_create_kthread(), allowing a kthread to use an uninitialized waitqueue head and crash with a kernel PAGE_FAULT [not-present page] during ref_scale_reader executi...

CVE-2023-54316 refscale: Fix uninitalized use of wait_queue_head_t

In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of waitqueueheadt Running the refscale test occasionally crashes the kernel with the following error: 8569.952896 BUG: unable to handle page fault for address: ffffffffffffffe8 8569.952900 PF:...

CVE-2023-54309

CVE-2023-54309 affects the Linux kernel TPM driver tpm_vtpm_proxy, where /dev/vtpmx was exposed before workqueue initialization, enabling a race condition that could lead to memory corruption. The root cause is the workqueue not being initialized as the first step of driver initialization; the fi...

CVE-2023-54309 tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmvtpmproxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by initializing 'workqueu...

CVE-2023-54309 tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmvtpmproxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by initializing 'workqueu...

CVE-2023-54276 nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net

In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu replycachestats counters back to nfsdinitnet Commit f5f9d4a314da "nfsd: move reply cache initialization into nfsd startup" moved the initialization of the reply cache into nfsd startup, but didn't accoun...

CVE-2023-54276

In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu replycachestats counters back to nfsdinitnet Commit f5f9d4a314da "nfsd: move reply cache initialization into nfsd startup" moved the initialization of the reply cache into nfsd startup, but didn't accoun...

CVE-2023-54273

The CVE-2023-54273 entry describes a Linux kernel vulnerability in the xfrm subsystem where the netdev reference tracker is released with the wrong _put() call during direction checks, causing a resource leak. This can exhaust system resources and lead to a Denial of Service. Documents confirm th...

CVE-2023-54271 blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...

CVE-2023-54271

CVE-2023-54271 concerns a NULL pointer dereference in the Linux kernel related to block cgroup handling. The issue arises when blkcg_activate_policy installs blkg_policy_data before ioc_weight policy data is fully initialized, causing a race with ioc_weight_write() that can encounter an uninitial...

CVE-2023-54271 blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...