PT-2024-29826 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the drm client buffer vmap local function, which accidentally returns zero or success on the failure path. This leads to locking issues and an uninitialized map...

OESA-2024-1960 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In...

kernel: netfilter: nf_tables: fix memleak in map from abort path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The Linux kernel CVE team has assigned CVE-2024-27011 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27011-2c70@gregkh/T...

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

kernel: of: Fix double free in of_parse_phandle_with_args_map

In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in ofparsephandlewithargsmap The Linux kernel CVE team has assigned CVE-2023-52679 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051750-CVE-2023-52679-948f@gregkh/T...

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

kernel: of: Fix double free in of_parse_phandle_with_args_map

In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in ofparsephandlewithargsmap The Linux kernel CVE team has assigned CVE-2023-52679 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051750-CVE-2023-52679-948f@gregkh/T...

SUSE CVE-2024-42233

In the Linux kernel, the following vulnerability has been resolved: filemap: replace pteoffsetmap with pteoffsetmapnolock The vmf-ptl in filemapfaultrecheckptenone is still set from handleptefault. But at the same time, we did a pteunmapvmf-pte. After a pteunmapvmf-pte unmap and rcureadunlock, th...

DEBIAN-CVE-2024-42233

In the Linux kernel, the following vulnerability has been resolved: filemap: replace pteoffsetmap with pteoffsetmapnolock The vmf-ptl in filemapfaultrecheckptenone is still set from handleptefault. But at the same time, we did a pteunmapvmf-pte. After a pteunmapvmf-pte unmap and rcureadunlock, th...

CVE-2024-42233

In the Linux kernel, the following vulnerability has been resolved: filemap: replace pteoffsetmap with pteoffsetmapnolock The vmf-ptl in filemapfaultrecheckptenone is still set from handleptefault. But at the same time, we did a pteunmapvmf-pte. After a pteunmapvmf-pte unmap and rcureadunlock, th...

kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer

A vulnerability was found in the Linux kernel. A potential double-free in the pointer ha-vpmap exists in the Linux kernel in drivers/scsi/qla2xxx/qlaos.c...

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer

A vulnerability was found in the Linux kernel. A potential double-free in the pointer ha-vpmap exists in the Linux kernel in drivers/scsi/qla2xxx/qlaos.c...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the filemap module's use of pteoffsetmap in filemapfaultrecheckptenone could lead to the use of a PTL pointer...

The vulnerability of the do_map_benchmark() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the domapbenchmark function in the kernel/dma/mapbenchmark.c module of the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

SUSE CVE-2024-42063

In the Linux kernel, the following vulnerability has been resolved: bpf: Mark bpf prog stack with kmsanunposionmemory in interpreter mode syzbot reported uninit memory usages during maplookup,deleteelem. ========== BUG: KMSAN: uninit-value in devmaplookupelem kernel/bpf/devmap.c:441 inline BUG:...

Malicious code in @bingads-webui-react/with-site-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 997e1cce193e872c031f1482119f4899f32d99a1ecc7dc194270a504607c421e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7905 Malicious code in @bingads-webui-react/with-site-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 997e1cce193e872c031f1482119f4899f32d99a1ecc7dc194270a504607c421e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

bpf: Allow delete from sockmap/sockhash only if update is allowed

...

CVE-2024-41951

Pheonix App is a Python application designed to streamline various tasks, from managing files to playing mini-games. The issue is that the map of encoding/decoding languages are visible in code. The Problem was patched in 0.2.4...