CVE-2024-53170 block: fix uaf for flush rq while iterating tags

In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blkmqclearflushrqmapping is not called during scsi probe, by checking blkqueueinitdone. However, QUEUEFLAGINITDONE is cleared in delgendisk by commit aec89dc5d421 "block: keep...

CVE-2024-53169 nvme-fabrics: fix kernel crash while shutting down controller

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: fix kernel crash while shutting down controller The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabric controller. This may lead to a race betwe...

CVE-2024-53169 nvme-fabrics: fix kernel crash while shutting down controller

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: fix kernel crash while shutting down controller The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabric controller. This may lead to a race betwe...

CVE-2024-53169

The CVE-2024-53169 issue is in the Linux kernel nvme-fabrics shutdown path. A race can occur when the nvme keep-alive async request sneaks in during controller shutdown, potentially racing with admin queue destruction and the hw/hctx queue dispatcher. If the in-flight keep-alive touches the admin...

CVE-2024-53164

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-q.qlen around qdisctreereducebacklog need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become...

OESA-2024-2590 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from the media:mtk-jpeg module where the work queue is not destroyed during uninstallation of the module...

PT-2024-36900

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A NULL pointer dereference bug in the brcmfmac module occurs when a high 'sd sgentry align' value applies and a lot of queued SKBs are sent from the pkt queue. The problem is the number of...

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises from buffer overflows in the queue, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises due to an overflow in the buffer area. Exploiting this vulnerability allows a hacker to execute arbitrary code using a specially created file...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the block, bfq module where the bfqlimitdepth function accesses bfqq unlocked, which could lead to reuse...

CVE-2024-53160 rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu

In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...

CVE-2024-53240

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt to stop the queues...

UBUNTU-CVE-2024-53240

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt to stop the queues...

CVE-2024-53240 xen/netfront: fix crash when removing device

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt to stop the queues...

CVE-2024-53240 xen/netfront: fix crash when removing device

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt to stop the queues...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates when a Xen network front-end device is removed immediately after going through a hang or recovery cycle, whi...

CVE-2024-52897

IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned...

PT-2025-3613

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns a false positive warning in the Linux kernel when cancelling WQ MEM RECLAIM work from a !WQ MEM RECLAIM worker. This warning occurs after a specific commit and is...

SUSE CVE-2024-53240

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt to stop the queues...

IBM MQ 代码问题漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM MQ versions 8.1.0 through 8.1.0.25, which stems from...