Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4mbclearbb CVE-2022-50021 In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq-bic' CVE-2022-50488 In the...

Important: kernel

Issue Overview: An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when...

SUSE CVE-2024-36923

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-36923

In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix uninitialized values during inode evict If an iget fails due to not being able to retrieve information from the server then the inode structure is only partially initialized. When the inode gets evicted, references to...

CVE-2024-36963 tracefs: Reset permissions on remount if permissions are options

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

CVE-2024-36923

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

DEBIAN-CVE-2024-36923

In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix uninitialized values during inode evict If an iget fails due to not being able to retrieve information from the server then the inode structure is only partially initialized. When the inode gets evicted, references to...

CVE-2024-36923

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-36923

CVE-2024-36923 is documented in a connected Nessus entry as a Linux kernel vulnerability affecting fs/9p inode eviction. Root cause: when iget fails to retrieve server information, the inode may be partially initialized; during eviction, references to uninitialized structures (e.g., fscache cooki...

CVE-2024-36923

...

CVE-2024-36923

...

CVE-2024-36923 fs/9p: fix uninitialized values during inode evict

In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix uninitialized values during inode evict If an iget fails due to not being able to retrieve information from the server then the inode structure is only partially initialized. When the inode gets evicted, references to...

SUSE CVE-2023-52805

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. Added the check which is required...

SUSE CVE-2023-52737

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock VFS lock, it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent...

SUSE CVE-2021-47432

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the rad...

SUSE CVE-2023-52848

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...

SUSE CVE-2021-47460

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 "fs: Don't invalidate page buffers in blockwritefullpage" uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode...

SUSE CVE-2021-47340

In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will appear: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return invalid pointer when...

CVE-2021-47256

A vulnerability was found in the memoryfailure function in the Linux kernel's memory management system, where the system may not wait for certain pages to finish writing before performing actions on them, leading to a kernel crash. Mitigation Red Hat has investigated whether a possible mitigation...

SUSE CVE-2021-47256

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memoryfailure Our syzkaller trigger the "BUGON!listempty&inode-iwblist" in clearinode: kernel BUG at fs/inode.c:519! Internal error: Oops - BUG: 0 1 SMP Modules linked in:...