kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values

A vulnerability was found in the cfg80211 component in the Linux kernel, where a lack of proper range validation applied to the NL80211ATTRTXQQUANTUM can lead to a scenario where the userspace passes an extremely high value that the kernel is not designed to handle efficiently ex. 2^31. This can...

The vulnerability of the `bnx2fc_interface_put` function in the `fs/sysfs/group.c` component of the Linux kernel allows a attacker to compromise the accessibility of protected information.

The vulnerability of the bnx2fcinterfaceput function in the fs/sysfs/group.c component of the Linux kernel is related to the cleanup of the destroywork queue before calling bnx2fcinterfaceput. Exploiting this vulnerability could allow an attacker to influence the accessibility of protected...

OESA-2024-2154 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry syzbot reported general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASA...

PT-2024-36917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the wifi driver rtw88. When removing kernel modules, the driver uses skb queue purge to purge TX skb but does not report ...

SUSE CVE-2024-46766

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

CVE-2024-31186

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0...

CVE-2024-31182

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::QueuePropertyList::unpack10. This issue affects libfluid: 0.1.0...

CVE-2024-31170

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of10::StatsReplyQueue::unpack. This issue affects libfluid: 0.1.0...

CVE-2024-46797

An improper locking flaw was found in the PowerPC architecture implementation of the Linux Kernel's queued spinlocks in the queuedspinlockslowpath function. This issue occurs due to the interaction between CPU interrupts and the queued spinlock mechanism. When an interrupt occurs at a critical...

DEBIAN-CVE-2024-46797

In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queuedspinlockslowpath after we increment qnodesp-count and before node-lock is initialized, another CPU might see stale lock values in gettailqnode. If the...

DEBIAN-CVE-2024-46766

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

DEBIAN-CVE-2024-46737

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmettcpalloccmds the kernel crashes in nvmettcpreleasequeuework because of a NULL pointer dereference. nvmet: failed to install queue 0...

UBUNTU-CVE-2024-46737

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmettcpalloccmds the kernel crashes in nvmettcpreleasequeuework because of a NULL pointer dereference. nvmet: failed to install queue 0...

UBUNTU-CVE-2024-46799

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDPTX If number of TX queues are set to 1 we get a NULL pointer dereference during XDPTX. ethtool -L eth0 tx 1 ./xdp-trafficgen udp -A -a eth0 -t 2 Transmitting on eth0 ifinde...

UBUNTU-CVE-2024-46797

In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queuedspinlockslowpath after we increment qnodesp-count and before node-lock is initialized, another CPU might see stale lock values in gettailqnode. If the...

UBUNTU-CVE-2024-46766

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

CVE-2024-46797 powerpc/qspinlock: Fix deadlock in MCS queue

In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queuedspinlockslowpath after we increment qnodesp-count and before node-lock is initialized, another CPU might see stale lock values in gettailqnode. If the...

CVE-2024-46797

CVE-2024-46797 : In the Linux kernel (PowerPC/MCS qspinlock), a deadlock can occur when an interrupt happens in queued_spin_lock_slowpath() after qnodesp->count is incremented but before node->lock is initialized. This can allow a CPU to see stale lock values and write the wrong qnode’s nex...

CVE-2024-46797 powerpc/qspinlock: Fix deadlock in MCS queue

In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queuedspinlockslowpath after we increment qnodesp-count and before node-lock is initialized, another CPU might see stale lock values in gettailqnode. If the...

CVE-2024-46797

In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queuedspinlockslowpath after we increment qnodesp-count and before node-lock is initialized, another CPU might see stale lock values in gettailqnode. If the...