7527 matches found
DEBIAN-CVE-2024-7730
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
PT-2024-35672
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.14.0-162.6.1.el9_1.x86_64. Description: A vulnerability in the Linux kernel has been resolved, specifically in the RDMA/mlx5 component. The issue involved moving events notifier registration to be after device...
CVE-2024-51566
The NVMe driver queue processing is vulnerable to guest-induced infinite loops...
CVE-2024-51566 bhyve(8) NVMe driver to guest-induced infinite loops.
The NVMe driver queue processing is vulnerable to guest-induced infinite loops...
kernel: Kernel: Denial of Service via memory leak in mqueue component
A flaw was found in the Linux kernel's mqueue message queue component. A local attacker with low privileges could exploit a memory leak in the init_mqueue_fs function. This vulnerability occurs when retire_mq_sysctls is not called after setup_mq_sysctls fails, leading to resource exhaustion. This could...
kernel: blk-mq: fix tags leak when shrink nr_hw_queues
A memory leak flaw was found in the Linux kernel's block multi-queue (blk-mq) subsystem. When the number of hardware queues is reduced via the submit_queues parameter, the tags associated with the removed queues are not freed, causing a memory leak. This occurs because shrinking nr_hw_queues does not...
kernel: scsi: sg: Avoid sg device teardown race
The bug is a race condition in the Linux kernel's SCSI generic (sg) driver. The problem occurs during the removal of devices when the driver accesses a resource (request_queue) that may have already been freed, leading to a NULL pointer dereference. This issue can result in system crashes,...
kernel: nvme-fabrics: use reserved tag for reg read/write command
In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...
kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink
In Linux kernel net/mlx5e, for SHAMPO, it is possible to receive CQEs with 0 consumed strides for the same WQE even after the WQE is fully consumed and unlinked. This triggers an additional unlink for the same wqe which corrupts the linked list...
kernel: block: fix request.queuelist usage in flush
A vulnerability was found in the Linux kernel's block subsystem, where the issue arises when the request queue list is not properly initialized for the first request in the PREFLUSH/POSTFLUSH sequences, leading to potential kernel crashes due to improper list manipulation...
kernel: usb: udc: remove warning when queue disabled ep
In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep The Linux kernel CVE team has assigned CVE-2024-35822 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051744-CVE-2024-35822-410b@gregkh/T...
kernel: drm/i915/gt: Reset queue_priority_hint on parking
A flaw was found in the i915 module in the Linux kernel. Under some conditions, an assertion failure can be triggered and cause a denial of service...
kernel: dmaengine: idxd: Avoid unnecessary destruction of file_ida
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Avoid unnecessary destruction of file_ida. file_ida is allocated during cdev open and is freed accordingly during cdev release. This sequence is guaranteed by driver file operations. Therefore, there is no need to...
kernel: tcp: make sure init the accept_queue's spinlocks once
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once. When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...
kernel: wifi: rt2x00: restart beacon queue when hardware reset
A flaw was found in the Linux kernel. When a hardware reset is triggered, all registers are reset, so all queues are forced to stop in the hardware interface. However, mac80211 will not automatically stop the queue. If the beacon queue is not manually stopped, it will be deadlocked and unable to...
kernel: drm/amdgpu: fix deadlock while reading mqd from debugfs
A flaw was found in the drm/amdgpu subsystem in the Linux kernel, involving a deadlock occurring when reading the Memory Queue Descriptor (MQD) from debugfs. This issue could cause the system to hang during debug operations...
CVE-2024-50001
...
crypto: hisilicon/qm - inject error before stopping queue
...
SUSE CVE-2024-50183
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance. Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforeha...
CVE-2024-50039
...