DEBIAN-CVE-2024-35860

In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpflink dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and...

UBUNTU-CVE-2024-35860

In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpflink dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and...

UBUNTU-CVE-2024-35892

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisctreereducebacklog qdisctreereducebacklog is called with the qdisc lock held, not RTNL. We must use qdisclookuprcu instead of qdisclookup syzbot reported: WARNING: suspicious RCU usage...

DEBIAN-CVE-2024-35857

In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmpbuildprobe First problem is a double call to indevgetrcu, because the second one could return NULL. if indevgetrcudev && indevgetrcudev-ifalist Second problem is a read from...

DEBIAN-CVE-2024-35839

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nfbridgeinfo An skb can be added to a neigh-arpqueue while waiting for an arp reply. Where original skb's skb-dev can be different to neigh's neigh-dev. For instance in case o...

DEBIAN-CVE-2024-27396

In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtpdellink Since callrcu, which is called in the hlistforeachentryrcu traversal of gtpdellink, is not part of the RCU read critical section, it is possible that the RCU grace period will pass durin...

AZL-40565 CVE-2024-27396 affecting package hyperv-daemons for versions less than 6.6.35.1-1

In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtpdellink Since callrcu, which is called in the hlistforeachentryrcu traversal of gtpdellink, is not part of the RCU read critical section, it is possible that the RCU grace period will pass durin...

DEBIAN-CVE-2024-27395

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovsctexit Since kfreercu, which is called in the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the RCU grace period wil...

UBUNTU-CVE-2024-27394

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcpaoconnectinit Since callrcu, which is called in the hlistforeachentryrcu traversal of tcpaoconnectinit, is not part of the RCU read critical section, it is possible that the RCU grace period will pas...

SUSE CVE-2024-27395

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovsctexit Since kfreercu, which is called in the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the RCU grace period wil...

SUSE CVE-2024-27020

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftexprtypeget nftunregisterexpr can concurrent with nftexprtypeget, and there is not any protection when iterate over nftablesexpressions list in nftexprtypeget. Therefore, there i...

UBUNTU-CVE-2024-27053

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ 333 N...

DEBIAN-CVE-2024-27019

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftobjtypeget nftunregisterobj can concurrent with nftobjtypeget, and there is not any protection when iterate over nftablesobjects list in nftobjtypeget. Therefore, there is...

DEBIAN-CVE-2024-26961

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...

kernel: dm: don't attempt to queue IO under RCU protection

A sleep-in-atomic-context bug was found in the Device Mapper subsystem in the Linux kernel. When processing REQNOWAIT requests, dm incorrectly submits I/O while holding an RCU read lock, assuming that REQNOWAIT means no scheduling can occur. However, mempoolalloc and other allocation functions ma...

kernel: rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobe-ed Registering a kprobe on rcuirqenterchecktick can cause kernel stack overflow as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and bootin...

SUSE CVE-2022-48649

In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: fix possible double free of kmemcache When doing slubdebug test, kfence's 'testmemcachetypesafebyrcu' kunit test case cause a use-after-free error: BUG: KASAN: use-after-free in kobjectdel+0x14/0x30 Read of size 8 ...

PT-2024-3621 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a Use-After-Free vulnerability in the tcp ao connect init function. This vulnerability is caused by a race condition in the RCU API, where the call rcu function...

SUSE CVE-2024-26910

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronizercu add...

DEBIAN-CVE-2024-26910

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronizercu add...