Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ext4 file system's DAX feature mishandling extents exceeding the inode size during partial write...

The vulnerability of the squashfs_read inode() function in the squashfs file system of Linux kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the squashfsread inode function in the fs/squashfs/inode.c file of the squashfs file system in the Linux kernel is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVE-2024-46695

...

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-45003)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45003 advisory. - In the Linux kernel, the following vulnerability has been resolved: vfs: Don't evict inode under the inode l...

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes bsc1226606. CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr...

CVE-2024-45003

...

CVE-2024-42311

...

CVE-2024-42297

...

SUSE CVE-2024-47669

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211 "nilfs2: separate wait function from nilfssegctorwrite" was applied, the log writing function nilfssegctordoconstruct was able to issue...

CLSA-2024-1728584513 Fix of 20 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftraceprocesslocs - ftrace: Fix possible use-after-free issue in ftracelocation CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size CVE-url:...

CVE-2024-47660

In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually negative dentries. Hence fsnotifyupdatechilddentryflags function can take a significant amount of time. Since the bulk of this function...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47069: Fixed a crash due to relying on a stack reference past its expiry in ipc/mqueue, ipc/msg, ipc/sem bsc1220826. CVE-2022-48911: kabi: add nfqueuegetrefs...

UBUNTU-CVE-2024-47669

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211 "nilfs2: separate wait function from nilfssegctorwrite" was applied, the log writing function nilfssegctordoconstruct was able to issue...

CVE-2024-47669

CVE-2024-47669 involves the Linux kernel nilfs2 write path. After a694291a6211, two error-path flaws could leave writeback flags uncleared and inodes with NILFS_I_COLLECTED set, causing writeback hangs or potential data non-write during checkpointing. The fix applies a uniform call to nilfs_segct...

CVE-2024-47660

In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually negative dentries. Hence fsnotifyupdatechilddentryflags function can take a significant amount of time. Since the bulk of this function...

PT-2024-34047

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61 Description: A flaw in the Linux kernel has been fixed, related to improved error handling in the udf extend file function. The inode bmap function was refactored to handle errors since udf next aext can...

Oracle Linux 8 : kernel (ELSA-2024-7000)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-7000 advisory. - wifi: mac80211: Avoid address calculations via out of bounds array indexing Michal Schmidt RHEL-51278 CVE-2024-41071 - protect the fetch of -fdfd in...

kernel: lib/generic-radix-tree.c: Don't overflow in peek()

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the rad...

kernel: lib/generic-radix-tree.c: Don't overflow in peek()

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the rad...