CVE-2024-44964

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restoring qvector-vport pointers after reinitializating the structures. This is due to that all queue...

kernel: nvme-rdma: destroy cm id before destroy qp to avoid use after free

A vulnerability was found in the Linux kernel's nvme-rdma driver where the driver failed to destroy a component cmid before another component qp was destroyed. This issue occurs when the kernel incorrectly manages memory during RDMA, leading to a potential use-after-free...

kernel: ionic: fix use after netif_napi_del()

A vulnerability was found in the Linux kernel's Ionic driver in the ionicqcqenable function, where the issue arises when the driver fails to reset the .poll pointer to NULL after a queue is unregistered via netifnapidel, leading to a use-after-free scenario when attempting to enable a previously...

kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq

in linux kernel, shift undefined behavior occurs in bnxtqpliballocinithwq with hwqattr-auxdepth of nonzero and hwqattr-auxstride of zero...

kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq

in linux kernel, shift undefined behavior occurs in bnxtqpliballocinithwq with hwqattr-auxdepth of nonzero and hwqattr-auxstride of zero...

kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

A flaw was found in the Linux kernel’s IPC system. This flaw allows an attacker to use a specially crafted program to cause a rare race condition, leading to a denial of service...

Monero: A peer can remotely fill the pending block queue to an extremely high size, with blocks that will never leave the queue.

The pending block queue in the Monero cryptocurrency protocol could be remotely filled to an extremely high size, up to approximately 54 GB, with blocks that would never leave the queue. This was possible due to lax rules in the synchronization code that allowed the queue size limit to be bypasse...

SUSE CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the schedfork function opening up competition with system calls by not placing tasks in the run queue...

DEBIAN-CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

UBUNTU-CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from incorrectly applying the TCPQUEUESEQ option when the queue is not empty, resulting in the connection being...

kernel: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment

A vulnerability was found in the Linux kernel's nvme driver. A lack of proper checks can lead to a race condition during the destruction of a queue pair when a controller is being established. This issue can lead to system instability or crashes...

kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq

in linux kernel, shift undefined behavior occurs in bnxtqpliballocinithwq with hwqattr-auxdepth of nonzero and hwqattr-auxstride of zero...

kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station

A vulnerability was found in the Linux kernel in wifi driver in cfg80211getstation function, where the wiphy was not locked before calling rdevgetstation, which lead to a NULL pointer dereference when a station disconnects and reconnects during a work queue operation, resulting in a kernel panic...

SUSE CVE-2024-44932

In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes very rarely, but possible throwing WARNs from net/core/pagepool.c:pagepooldisabledirectrecycling. Turned out idpf frees interrupt vectors with...

The vulnerability of the watch_queue_set_filter() function in the watch_queue component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the watchqueuesetfilter function in the Linux operating system’s watchqueue component is related to memory overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the blkcg_init_queue() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the blkcginitqueue function in the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...