CVE-2021-47379 blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: 693354.104835 ================================================================== 693354.105094 BUG:...

SUSE CVE-2024-27432

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtkppestop function, the PPE scan mode is not disabled before disabling the PPE. This can potentially le...

SUSE CVE-2024-35882

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP Jan Schunk reports that his small NFS servers suffer from memory exhaustion after just a few days. A bisect shows that commit e18e157bb5c8 "SUNRPC: Send RPC message on...

SUSE CVE-2024-35951

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fix the error path in panfrostmmumapfaultaddr If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...

PT-2024-11231 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc3+ 360 Description: The vulnerability is related to the egress tunnel code in the Linux kernel's bridge module. The code uses dst clone and directly sets the result, which can cause problems if the entr...

DEBIAN-CVE-2024-35947

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser Fix a BUGON from 2009. Even if it looks "unreachable" I didn't really look, lets make sure by removing it, doing prerr and return -EINVAL instead...

UBUNTU-CVE-2024-35915

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in ncidevup and ncintfpacket syzbot reported the following uninit-value access issue 12: ncirxwork parses and processes received packet. When the payload length is zero, each message type handler reads...

CVE-2024-35896 netfilter: validate user input for expected length

In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple syzbot reports showing old bugs exposed by BPF after commit 20f2505fb436 "bpf: Try to avoid kzalloc in cgroup/s,getsockopt" setsockopt @optlen argument should be...

SUSE CVE-2022-48703

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handle datavault when the value is ZEROSIZEPTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup returns ZEROSIZEPTR 0x10. Then the datavaultread got NULL...

DEBIAN-CVE-2024-27031

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside nfsnetfsissueread currently does not disable interrupts while iterating through pages in the xarray to submit for NFS read. This is not safe though...

UBUNTU-CVE-2024-27063

In the Linux kernel, the following vulnerability has been resolved: leds: trigger: netdev: Fix kernel panic on interface rename trig notify Commit d5e01266e7f5 "leds: trigger: netdev: add additional specific link speed mode" in the various changes, reworked the way to set the LINKUP mode in commi...

UBUNTU-CVE-2024-27388

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...

UBUNTU-CVE-2024-27024

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rdsconnconnectifdown If connection isn't established yet, getmr will fail, trigger connection after getmr...

UBUNTU-CVE-2024-27061

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce - Fix use after free in unprepare sun8icecipherunprepare should be called before cryptofinalizeskcipherrequest, because client callbacks may immediately free memory, that isn't needed anymore. But it will be used...

UBUNTU-CVE-2023-52653

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gssimportv2context The ctx-mechused.data allocated by kmemdup is not freed in neither gssimportv2context nor it only caller gsskrb5importseccontext, which frees ctx on error. Thus, this patch reform the...

UBUNTU-CVE-2024-27005

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

UBUNTU-CVE-2024-26982

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fillmetaindex. That out of bounds access is ultimately caused because the inode has an inode number with the...

kernel: gro: fix ownership transfer

A flaw was found in the Linux kernel's Generic Receive Offload GRO feature, where packets processed with a fragment list are not properly orphaned due to incorrect handling of socket references. This vulnerability can cause system instability or kernel bugs. The issue has been fixed by making sur...

DEBIAN-CVE-2024-26865

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker warning 1. syzkaller could not find a repro, but in the log, the only...

SUSE CVE-2024-26813

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allows a NULL pointer...