kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed

A flaw was found in the vmwgfx module in the Linux kernel. Trying to read the /sys/kernel/debug/dri/0/mobttm file when the ttmresourcemanager is not allocated will cause a crash, resulting in a denial of service...

The vulnerability of the ether3_remove() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ether3remove function in the drivers/net/ethernet/seeq/ether3.c kernel module of the Linux operating system is related to the repeated use of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise...

kernel: nouveau: lock the client object tree.

A flaw was found in the nouveau module in the Linux kernel. A missing resource lock can cause a race condition and trigger a general protection fault, resulting in a denial of service...

kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning

A flaw incorrect memory access in the Linux kernel Mellanox network Ethernet or RDMA device driver was found. A local user could use this flaw to crash the system...

The vulnerability of the `iio_gts_build_avail_time_table()` function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the iiogtsbuildavailtimetable function in the drivers/iio/industrialio-gts-helper.c kernel module of the Linux operating system is related to memory allocation beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

The vulnerability of the entry_SYSCALL_compat() function in the Linux operating system’s kernel on the x86 platform allows a hacker to trigger a service failure.

The vulnerability of the entrySYSCALLcompat function in the arch/x86/entry/entry64compat.S module of the Linux operating system’s kernel on the x86 platform is related to an infinite loop. Exploiting this vulnerability could allow an attacker to cause a service failure...

DEBIAN-CVE-2024-50023

In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb "net: phy: Manual remove LEDs to ensure correct ordering" correctly fixed a problem with using devm but missed removing the LED entry from the LEDs list...

OpenIPMI security update

2.0.32-5.0.1 - IPMI SMB kernel module name is ipmissif in all modern kernels. openipmi-helper script fixed. Orabug: 27093288 [email protected] 2.0.32-5 - Update the patch for CVE-2024-42934 to add a missing upstream commit from 2.0.36: 663e3cd3 2.0.32-4 - Backport two commits from 2.0.36...

CentOS 7 : kernel-alt (RHSA-2020:0174)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0174 advisory. - In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket...

kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range

A vulnerability was found in the netfilter subsystem of the Linux kernel, specifically in the nfconntrackh323 module. This issue involves inadequate protection for BMP length values, potentially leading to out-of-range conditions...

kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()

A vulnerability was found in the icebridgesetlink function in the Linux kernel. A missing check to verify whether the nlmsgfindattr function returns NULL or not could lead to a NULL pointer dereference, system instability, or crashes...

kernel: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

SUSE CVE-2024-43900

In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in loadfirmwarecb syzkaller reported use-after-free in loadfirmwarecb 1. The reason is because the module allocated a struct tuner in tunerprobe, and then the module initialization failed, the...

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized ...

ROS-20240813-01

The vulnerability of the nftsetrbtree function net/netfilter/nftsetrbtree.c of the Netfilter component of the Linux operating system is related to the operation exceeding the memory buffer boundaries. component of the Netfilter component of the Linux operating system is related to an operation...

kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING

A vulnerability was found in the Linux kernel's md/raid5 implementation within the raid5d function. This flaw can cause a deadlock when handling I/O operations due to a conflict between the reconfigmutex and the MDSBCHANGEPENDING flag, leading to excessive CPU usage and denial of service...

kernel: nouveau: lock the client object tree.

A flaw was found in the nouveau module in the Linux kernel. A missing resource lock can cause a race condition and trigger a general protection fault, resulting in a denial of service...

UBUNTU-CVE-2024-41030

In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open mayopen does not allow a directory to be opened with the write access. However, some writing flags set by client result in adding write access on server, making ksmbd incompatible...

kernel: stack overflow problem in Open vSwitch kernel module leading to DoS

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result,...