UBUNTU-CVE-2024-53153

In the Linux kernel, the following vulnerability has been resolved: PCI: qcom-ep: Move controller cleanups to qcompcieperstdeassert Currently, the endpoint cleanup function dwpcieepcleanup and EPF deinit notify function pciepcdeinitnotify are called during the execution of qcompcieperstassert i.e...

CVE-2024-53150

The CVE-2024-53150 issue affects the Linux kernel USB-audio (ALSA: usb-audio). The root cause is that the driver does not validate the bLength field of descriptors while traversing clock-related descriptors, allowing a bogus shorter descriptor to cause out-of-bounds reads. The public patch adds s...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50035)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50035 advisory. - In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-47698)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47698 advisory. - In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: f...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iouring: fix possible deadlock in ioregisteriowqmaxworkers CVE-2024-41080 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points CVE-2024-4999...

SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:4218-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4218-1 advisory. This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic...

UBUNTU-CVE-2024-53129

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fix a dereferenced before check warning The 'state' can't be NULL, we should check crtcstate. Fix warning: drivers/gpu/drm/rockchip/rockchipdrmvop.c:1096 vopplaneatomicasynccheck warn: variable dereferenced...

SUSE CVE-2024-53068

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...

kernel: rcutorture: Fix ksoftirqd boosting timing and iteration

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration The RCU priority boosting can fail in two situations: 1 If nrcpus= maxcpus=, which means if the total number of CPUs is higher than those brought online at boot, then...

AZL-52408 CVE-2024-50135 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvmedevdisable nvmedevdisable modifies the dev-onlinequeues field, therefore nvmepciupdatenrqueues should avoid racing against it, otherwise we could end up passing invalid values to...

CVE-2024-50104

Technical details for CVE-2024-50104 are not publicly provided in the supplied documents; monitor for official advisories or patches.

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2024:3880-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3880-1 advisory. This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int...

SUSE-SU-2024:3806-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-35863: Fixed potentia...

CVE-2024-50086 ksmbd: fix user-after-free from session log off

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...

CVE-2024-49931 wifi: ath12k: fix array out-of-bound access in SoC stats

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix array out-of-bound access in SoC stats Currently, the ath12ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath12kdprxprocess function access...

UBUNTU-CVE-2024-47744

In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex to guard kvmusagecount to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep...

DEBIAN-CVE-2024-47680

In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fsbdevsupportdiscard shows, f2fs checks if the target block devices support discard by calling bdevmaxdiscardsectors and bdeviszoned. This check works we...

CVE-2024-47715 wifi: mt76: mt7915: fix oops on non-dbdc mt7986

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915bandconfig sets bandidx = 1 on the main phy for mt7986 with MT7975ONEADIE or MT7976ONEADIE. Commit 0335c034e726 "wifi: mt76: fix race condition related to checking tx queue fi...

DEBIAN-CVE-2024-47659

In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets. So, 1...

kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()

A vulnerability was found in the icebridgesetlink function in the Linux kernel. A missing check to verify whether the nlmsgfindattr function returns NULL or not could lead to a NULL pointer dereference, system instability, or crashes...