CVE-2014-3185 affecting package kernel for versions less than 5.15.153.1-1

CVE-2014-3185 affecting package kernel for versions less than 5.15.153.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-26805 netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skbdatagramiter syzbot reported the following uninit-value access issue 1: netlinktofullskb creates a new skb and puts the skb-data passed as a 1st arg of netlinktofullskb onto new skb...

CVE-2024-26766

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx-numdescs off-by-one error Unfortunately the commit fd8958efe877 introduced another error causing the descs array to overflow. This reults in further crashes easily reproducible by sendmsg system call...

UBUNTU-CVE-2024-26732

In the Linux kernel, the following vulnerability has been resolved: net: implement lockless setsockoptSOPEEKOFF syzbot reported a lockdep violation 1 involving afunix support of SOPEEKOFF. Since SOPEEKOFF is inherently not thread safe it uses a per-socket skpeekoff field, there is really no point...

UBUNTU-CVE-2024-26752

In the Linux kernel, the following vulnerability has been resolved: l2tp: pass correct message length to ip6appenddata l2tpip6sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied skbuff. To manage this, we check whether the...

UBUNTU-CVE-2024-26731

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in skpsockverdictdataready syzbot reported the following NULL pointer dereference issue 1: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:0x0 ... Call Trac...

CVE-2024-26713

...

AZL-58798 CVE-2024-26671 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blkmqmarktagwait, addwaitqueue may be re-ordered with the following blkmqgetdrivertag in case of getting driver tag failure. Then in sbitmapqueuewakeup, waitqueueactive may not...

UBUNTU-CVE-2024-26675

In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...

SUSE CVE-2021-47173

In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720probe uss720probe forgets to decrease the refcount of usbdev in uss720probe. Fix this by decreasing the refcount of usbdev by usbputdev. BUG: memory leak unreferenced object 0xffff88810111380...

UBUNTU-CVE-2024-26641

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

PT-2024-14655 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.0-rc7+ Description: The Linux kernel has a vulnerability in the drivers/thermal/loongson2 thermal module. The issue arises from an incorrect judgment of PTR ERR, which returns -ENODEV when thermal-zones are...

UBUNTU-CVE-2021-47117

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4escacheextent as ext4splitextentat failed We got follow bugon when run fsstress with injecting IO fault: 130747.323114 kernel BUG at fs/ext4/extentsstatus.c:762! 130747.323117 Internal error: Oops - BUG: 0...

A patched Windows attack surface is still exploitable

On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege EoP, which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of th...

CVE-2024-26608

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oob in ksmbdnlpolicy Similar to a reported issue check the commit b33fb5b801c6 "net: qualcomm: rmnet: fix global oob in rmnetpolicy", my local fuzzer finds another global out-of-bounds read for policy...

SUSE CVE-2021-47077

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedfupdatelinkspeed The following trace was observed: 14.042059 Call Trace: 14.042061 14.042068 qedflinkupdate+0x144/0x1f0 qedf 14.042117 qedlinkupdate+0x5c/0x80 qed 14.042135...

SUSE CVE-2024-26622

In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...

DEBIAN-CVE-2023-52504

In the Linux kernel, the following vulnerability has been resolved: x86/alternatives: Disable KASAN in applyalternatives Fei has reported that KASAN triggers during applyalternatives on a 5-level paging machine: BUG: KASAN: out-of-bounds in rcuiswatching Read of size 4 at addr ff110003ee6419a0 by...

CVE-2023-52566 nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfsgccachesubmitreaddata In nilfsgccachesubmitreaddata, brelsebh is called to drop the reference count of bh when the call to nilfsdattranslate fails. If the reference count hits 0 and it...

UBUNTU-CVE-2021-46999

In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctpsfdodupcooka There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...