70 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2024-27013)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27013 advisory. - In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal...
RockyLinux 9 : kernel (RLSA-2024:8617)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...
kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
A vulnerability was found in the Linux kernel's ext4 filesystem within the ext4fillsuper function, where uninitialized access to ratelimitstate-lock can occur, where the sysfs interface is registered before properly initializing rs-lock, potentially allowing other processes to modify rs-interval ...
kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
A vulnerability was found in the Linux kernel's ext4 filesystem within the ext4fillsuper function, where uninitialized access to ratelimitstate-lock can occur, where the sysfs interface is registered before properly initializing rs-lock, potentially allowing other processes to modify rs-interval ...
kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
A vulnerability was found in the Linux kernel's ext4 filesystem within the ext4fillsuper function, where uninitialized access to ratelimitstate-lock can occur, where the sysfs interface is registered before properly initializing rs-lock, potentially allowing other processes to modify rs-interval ...
kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
A vulnerability was found in the Linux kernel's ext4 filesystem within the ext4fillsuper function, where uninitialized access to ratelimitstate-lock can occur, where the sysfs interface is registered before properly initializing rs-lock, potentially allowing other processes to modify rs-interval ...
CVE-2024-47734
In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...
CVE-2024-47734
In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...
CVE-2024-47734 bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()
In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...
CVE-2024-47734 bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()
In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...
CVE-2024-47734
CVE-2024-47734: In the Linux kernel, the bonding subsystem fixed unnecessary warnings/logs from bond_xdp_get_xmit_slave(). The patch removes a WARN_ON_ONCE() and adds rate limiting to netdev_err() to reduce log noise when XDP is used on bonded interfaces (e.g., with bond1 xdpdrv and bond0/slave v...
kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
A vulnerability was found in the Linux kernel's ext4 filesystem within the ext4fillsuper function, where uninitialized access to ratelimitstate-lock can occur, where the sysfs interface is registered before properly initializing rs-lock, potentially allowing other processes to modify rs-interval ...
kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
A vulnerability was found in the Linux kernel's ext4 filesystem within the ext4fillsuper function, where uninitialized access to ratelimitstate-lock can occur, where the sysfs interface is registered before properly initializing rs-lock, potentially allowing other processes to modify rs-interval ...
kernel: netfilter: nft_limit: reject configurations that cause integer overflow
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its better to reject this...
SUSE CVE-2024-40998
In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimitstate-lock access in ext4fillsuper In the following concurrency we will access the uninitialized rs-lock: ext4fillsuper ext4registersysfs // sysfs registered msgratelimitintervalms // Other...
AZL-67767 CVE-2024-40998 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimitstate-lock access in ext4fillsuper In the following concurrency we will access the uninitialized rs-lock: ext4fillsuper ext4registersysfs // sysfs registered msgratelimitintervalms // Other...
DEBIAN-CVE-2024-40998
In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimitstate-lock access in ext4fillsuper In the following concurrency we will access the uninitialized rs-lock: ext4fillsuper ext4registersysfs // sysfs registered msgratelimitintervalms // Other...
UBUNTU-CVE-2024-40998
In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimitstate-lock access in ext4fillsuper In the following concurrency we will access the uninitialized rs-lock: ext4fillsuper ext4registersysfs // sysfs registered msgratelimitintervalms // Other...
CVE-2024-40998 ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimitstate-lock access in ext4fillsuper In the following concurrency we will access the uninitialized rs-lock: ext4fillsuper ext4registersysfs // sysfs registered msgratelimitintervalms // Other...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly initialize the lock on the ratelimitstate during initialization of the ext4 filesystem...