CVE-2023-52682 f2fs: fix to wait on block writeback for post_read case

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...

CVE-2023-52682

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...

CVE-2023-52682 f2fs: fix to wait on block writeback for post_read case

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...

DEBIAN-CVE-2024-35797

In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1 A swapin error can have resulted in a poisoned swap entry in the shmem inode's xarray. Calling...

CVE-2024-35797 mm: cachestat: fix two shmem bugs

In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1 A swapin error can have resulted in a poisoned swap entry in the shmem inode's xarray. Calling...

PT-2024-14691

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises when an inode is compressed but not encrypted, and the system fails to call f2fs wait on block writeback to wait for GCed page writeback in the IPU write path. This can...

SUSE CVE-2024-26982

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fillmetaindex. That out of bounds access is ultimately caused because the inode has an inode number with the...

CVE-2024-26972

A flaw was found in the ubifs module in the Linux kernel. A memory leak can occur when handling an error in the ubifssymlink function in the fs/ubifs/dir.c file, potentially impacting system performance and possibly resulting in a denial of service...

CVE-2024-26982

A flaw was found in the squashfs module in the Linux kernel. A missing check of an inode number with an invalid value of zero can cause an out-of-bounds read and result in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not...

CVE-2024-27389

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

DEBIAN-CVE-2024-27389

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

AZL-67496 CVE-2024-27389 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

CVE-2024-27389 pstore: inode: Only d_invalidate() is needed

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

CVE-2024-27389

CVE-2024-27389 affects the Linux kernel pstore code. The issue arises when unloading a modular pstore backend with records in pstorefs, where dput() and d_drop() were used together, causing a reference-counting problem. The root cause is that d_invalidate() is the correct contender for invalidati...

CVE-2024-27389 pstore: inode: Only d_invalidate() is needed

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

CVE-2024-27389

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

CVE-2024-27022

In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING 1. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole immaplockwritemapping;...

AZL-57731 CVE-2024-26982 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fillmetaindex. That out of bounds access is ultimately caused because the inode has an inode number with the...

DEBIAN-CVE-2024-26982

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fillmetaindex. That out of bounds access is ultimately caused because the inode has an inode number with the...

CVE-2024-26972

In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifssymlink: Fix memleak of inode-ilink in error path For error handling path in ubifssymlink, inode will be marked as bad first, then iput is invoked. If inode-ilink is initialized by fscryptencryptsymlink in encryption...