Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not refreshing the asynchronous PF work queue when the vCPU is destroyed...

PT-2024-20700 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.2 LTS through 9.3 CD Description: The issue allows a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. Recommendations: For IBM MQ versions 9.2 LTS through 9.3 CD,...

kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

bind9: Specific recursive query patterns may lead to an out-of-memory condition

A flaw was found in the named application, part of the bind9 package, which uses a cache database to speeds up DNS queries. To maintain its efficiency when running as a recursive name resolver, named performs a cache database clean up under certain conditions. This issue may allow an attacker to...

kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

kernel: Linux kernel: Privilege escalation via out-of-bounds write in RDMA/siw

A flaw was identified in the Linux kernel RDMA siw implementation where an undefined opcode value could be used during immediate work request flushing while in an error state. The send queue element opcode was not correctly set, which could lead to an out-of-bounds access when mapping between the...

kernel: drm/amdgpu: fix memory leak in mes self test

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix memory leak in mes self test The fences associated with mes queue have to be freed up during amdgpuringfini...

kernel: net/mlx5e: xsk: Fix crash on regular rq reactivation

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

kernel: ice: Block switchdev mode when ADQ is active and vice versa

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changi...

kernel: RDMA/cma: Allow UD qp_type to join multicast only

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Allow UD qptype to join multicast only As for multicast: - The SIDR is the only mode that makes sense; - Besides PSUDP, other port spaces like PSIB is also allowed, as it is UD compatible. In this case qkey also needs t...

kernel: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id()

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: controller connect complete localhost kernel: BUG: using smpprocessorid in preemptible...

kernel: Linux kernel: Denial of Service vulnerability in RDMA/rxe component

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe component. A local user could trigger a kernel panic by causing an error during the setup of a Queue Pair QP in rxecreateqp. This occurs when the system attempts to clean up resources by...

kernel: Linux kernel: Denial of Service in RDMA/bnxt_re driver due to race condition during QP destruction

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA bnxtre driver. A local user could exploit a race condition that occurs when a Queue Pair QP is destroyed, but completion queue CQ polling continues. This can lead to a kernel panic, resulting in a Denial of Service DoS on the...

kernel: drm/amdkfd: Add missing gfx11 MQD manager callbacks

A NULL pointer dereference was found in the AMD KFD driver for GFX11 GPUs. The mqdstride callback was not assigned for GFX11 hardware, causing crashes when accessing the MQD debugfs interface...

kernel: RDMA/irdma: Fix data race on CQP completion stats

The Linux kernel contains a race condition vulnerability in its RDMA/irdma subsystem, where completion queue pair CQP completion statistics are read concurrently without adequate synchronization while being updated on another CPU. Under certain workloads, a lack of atomic operations and improper...

kernel: refscale: Fix uninitalized use of wait_queue_head_t

A use of uninitialized data was found in the refscale test module. The waitqueueheadt is used before being initialized, causing a race condition that can crash the kernel during testing...

No title provided

REJECTED CVE An issue was identified in the Linux kernel's netfilter subsystem related to nftables. The issue occurs when a positive value, such as NFACCEPT, is provided in the upper 16 bits of NFDROP verdict parameters, which are expected to contain valid errno values e.g., -EPERM. This improper...

kernel: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed

A use-after-free vulnerability was found in the Linux kernel's netfilter queue subsystem. When setting up a new network namespace, if ops-init fails during opsinit, the allocated data is freed but the pointer in net-gen remains pointing to the freed memory. When nfqnlnfhookdrop is subsequently...

kernel: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvmelswaitq wait queue System crash when qla2x00startspsp returns error code EGAIN and wakeup gets called for uninitialized wait queue sp-nvmelswaitq. qla2xxx 0000:37:00.1-2121:5: Returning existing...

kernel: RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...