170 matches found
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow CVE-2024-43853 In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media CVE-2024-43854 ...
CLSA-2024-1731431059 kernel: Fix of 31 CVEs
driver core: bus: Fix double free in driver API busregister CVE-2024-50055 - net: tun: Fix use-after-free in tundetach CVE-2022-49014 - memcg: fix possible use-after-free in memcgwriteeventcontrol CVE-2022-48988 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - drivers: media:...
CLSA-2024-1731430561 kernel: Fix of 31 CVEs
driver core: bus: Fix double free in driver API busregister CVE-2024-50055 - net: tun: Fix use-after-free in tundetach CVE-2022-49014 - memcg: fix possible use-after-free in memcgwriteeventcontrol CVE-2022-48988 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - drivers: media:...
kernel: mm: list_lru: fix UAF for memory cgroup
A possible use-after-free was found in the Linux kernel in mm/listlru.c...
kernel: memcg: protect concurrent access to mem_cgroup_idr
memcg in linux kernel permit concurrent access to memcgroupidr which can lead to kernel crashes...
kernel: memcg: protect concurrent access to mem_cgroup_idr
memcg in linux kernel permit concurrent access to memcgroupidr which can lead to kernel crashes...
PT-2024-35543
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.65 Description The issue concerns a problem with the Linux kernel's memory management, specifically with the handling of Transparent Huge Pages THP deferred split queues. Recent changes in the kernel have...
OESA-2024-2217 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This...
memcg: protect concurrent access to mem_cgroup_idr
...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages CVE-2024-41011 In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error...
DEBIAN-CVE-2024-46789
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s-flags in the alloctaggingslabfreehook When enable CONFIGMEMCG & CONFIGKFENCE & CONFIGKMEMLEAK, the following warning always occurs,This is because the following call stack occurred: mempoolalloc...
UBUNTU-CVE-2024-46789
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s-flags in the alloctaggingslabfreehook When enable CONFIGMEMCG & CONFIGKFENCE & CONFIGKMEMLEAK, the following warning always occurs,This is because the following call stack occurred: mempoolalloc...
AZL-49242 CVE-2024-45021 affecting package kernel for versions less than 6.6.51.1-1
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...
AZL-49170 CVE-2024-45021 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...
DEBIAN-CVE-2024-45021
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...
UBUNTU-CVE-2024-45021
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...
CVE-2024-43888
In the Linux kernel, the following vulnerability has been resolved: mm: listlru: fix UAF for memory cgroup The memcgroupfromslabobj is supposed to be called under rcu lock or cgroupmutex or others which could prevent returned memcg from being freed. Fix it by adding missing rcu read lock. Found b...
SUSE CVE-2024-43888
In the Linux kernel, the following vulnerability has been resolved: mm: listlru: fix UAF for memory cgroup The memcgroupfromslabobj is supposed to be called under rcu lock or cgroupmutex or others which could prevent returned memcg from being freed. Fix it by adding missing rcu read lock. Found b...
SUSE CVE-2024-43892
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr Commit 73f576c04b94 "mm: memcontrol: fix cgroup creation failure after many small jobs" decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...
AZL-48662 CVE-2024-43892 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr Commit 73f576c04b94 "mm: memcontrol: fix cgroup creation failure after many small jobs" decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...