DEBIAN-CVE-2022-49446

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, deviceprepare, operations, and deviceshutdown operations for 'ndregion' devices: Chain exis...

CVE-2022-49316

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...

DEBIAN-CVE-2022-49316

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...

UBUNTU-CVE-2022-49316

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...

DEBIAN-CVE-2022-49175

In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in devicepmcheckcallbacks The function devicepmcheckcallbacks can be called under the spin lock in the reported case it happens from genpdadddevice - devpmdomainset, when the genpd uses spinlocks rather...

CVE-2022-49089

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...

UBUNTU-CVE-2022-49159

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Implement ref count for SRB The timeout handler and the done function are racing. When qla2x00asynciocbtimeout starts to run it can be preempted by the normal response path via the firmware?. qla24xxasyncgpscspdone...

CVE-2022-49316 NFSv4: Don't hold the layoutget locks across multiple RPC calls

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...

CVE-2022-49316

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...

CVE-2022-49316 NFSv4: Don't hold the layoutget locks across multiple RPC calls

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...

CVE-2022-49316

CVE-2022-49316 affects the Linux kernel’s NFSv4 layout management. The issue arises when performing layoutget as part of an open() compound: locks for the layoutget are held across multiple RPC calls, which can trigger recalls and deadlock. The connected advisories (EulerOS/Unity/Nessus OSS) conf...

CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...

CVE-2021-47634 ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl Hulk Robot reported a KASAN report about use-after-free: ================================================================== BUG: KASAN: use-after-free in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a PCM buffermutex and mmaplock potential AB/BA deadlock...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hfi1 module using locks before they are initialized...

The vulnerability of Microsoft Edge browsers, related to insufficient granularity of the address areas protected by registry locks, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Edge relates to the insufficient granularity of the address spaces protected by registration blocking. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

SUSE CVE-2018-20803

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10 a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring: Check whether we need to reschedule during overflow flushing. In terms of normal application usage, this list will always be empty. If an application does experience an overflow, it will have a few entries in this list...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a denial of service vulnerability, the vulnerability stems from the afsprocaddrprefswrite function in the parameter argc is less than 0 directly return without...

CVE-2024-56654 Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix using rcureadunlock while iterating The usage of rcureadunlock while inside listforeachentryrcu is not safe since for the most part entries fetched this way shall be treated as rcudereference: Note that t...