UBUNTU-CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to ...

UBUNTU-CVE-2024-36979

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage1 in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path br forward delay...

PT-2024-32177

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52 Description The issue is related to the Linux kernel, specifically the xen: privcmd component. It allows for possible access to a freed kirqfd instance due to simultaneous ioctl calls to privcmd irqfd assi...

UBUNTU-CVE-2024-36971

In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...

SUSE CVE-2023-52800

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11kmacgetarbypdevid was not marked as a read-side critical section. Mark the code in question as an RCU...

SUSE CVE-2021-47407

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of initsrcustruct, which can fail due to OOM, when initializing the page track mechanism. Lack of checking leads to a NULL pointer deref found b...

The vulnerability of the rcu_cblist_dequeue function in the rcu_segcblist.c module of the Linux kernel allows a attacker to increase their privileges.

The vulnerability of the rcucblistdequeue function in the rcusegcblist.c module of the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

SUSE CVE-2023-52791

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is disabled. However, non-atomic i2c transfers require preemption e.g. in waitforcompletion while waiting for the DMA...

SUSE CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: archtopology: Avoid use-after-free for scalefreqdata Currently topologyscalefreqtick which gets called from schedulertick may end up using a pointer to "struct scalefreqdata", which was previously cleared by...

SUSE CVE-2023-52769

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12kmacgetarbypdevid was not marked as a read-side critical section. Mark the code i...

DEBIAN-CVE-2021-47448

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg recvmsg can enter an infinite loop if the caller provides the MSGWAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more data is received by the...

DEBIAN-CVE-2023-52800

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11kmacgetarbypdevid was not marked as a read-side critical section. Mark the code in question as an RCU...

DEBIAN-CVE-2023-52777

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11kmacgetarvifbyvdevid was not marked as a read-side critical section. Mark...

UBUNTU-CVE-2023-52776

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dfs-radar and temperature event locking The ath12k active pdevs are protected by RCU but the DFS-radar and temperature event handling code calling ath12kmacgetarbypdevid was not marked as a read-side critical...

UBUNTU-CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: archtopology: Avoid use-after-free for scalefreqdata Currently topologyscalefreqtick which gets called from schedulertick may end up using a pointer to "struct scalefreqdata", which was previously cleared by...

SUSE CVE-2024-35898

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget nftunregisterflowtabletype within nfflowinetmoduleexit can concurrent with nftflowtabletypeget within nftablesnewflowtable. And thhere is not any protection when...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a failure in the KVM:x86 module to handle SRCU initialization during page track initialization...

DEBIAN-CVE-2024-35959

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5eprivinit cleanup flow When mlx5eprivinit fails, the cleanup flow calls mlx5eselqcleanup which calls mlx5eselqapply that assures that the priv-statelock is held using lockdepisheld. Acquire the statelock in...

UBUNTU-CVE-2024-36008

In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...

DEBIAN-CVE-2024-35929

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix WARNONONCE in the rcunocbbypasslock For the kernels built with CONFIGRCUNOCBCPUDEFAULTALL=y and CONFIGRCULAZY=y, the following scenarios will trigger WARNONONCE in the rcunocbbypasslock and rcunocbwaitcontended...