CVE-2024-57898 wifi: cfg80211: clear link ID from bitmap during link delete after clean up
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first removed from the valid_links bitmap before performing any clean-up operations. However, some functio...
CVE-2024-57895
CVE-2024-57895 affects the Linux kernel component ksmbd, where the code path for setting file times (mtime) would warn when ATTR_CTIME flags were not considered. The connected Azure Linux 3.0 security update notes that ksmbd was attempting to set atime/mtime via notify_change without setting ctim...
CVE-2024-57895 ksmbd: set ATTR_CTIME flags when setting mtime
In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting mtime David reported that the new warning from setattr_copy_mgtime is coming like the following. [ 113.215316] ------------[ cut here ]------------ [ 113.215974] WARNING: CPU: 1 PID: 31 at...
CVE-2024-57893
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal buffer and this...
CVE-2024-57889
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking If a device uses MCP23xxx IO expander to receive IRQs, the following bug can happen: BUG: sleeping function called from invalid context at...
CVE-2024-57885
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "sleeping function called from invalid context" warning when /sys/kernel/debug/kmemleak is printed under...
CVE-2024-57883
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: independent PMD page table shared count The folio refcount may be increased unexpectedly through try_get_folio() by caller such as split_huge_pages. In huge_pmd_unshare(), we use refcount to check whether a pmd page table is...
CVE-2024-57882 mptcp: fix TCP options overflow.
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix TCP options overflow. Syzbot reported the following splat: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...
Advisory ROSA-SA-2025-2558
Software: libsoup 2.62.2 OS: rosa-server79 package_evr_string: libsoup-2.62.2-2.0.1.res7 CVE-ID: CVE-2024-52530 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in GNOME libsoup allows HTTP request smuggling attack due to ignoring '\0' characters at the end of header names. CVE-STATUS: The...
Hotfix XS82ECU1080 - For Citrix Hypervisor 8.2 Cumulative Update 1
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1 and is only available to customers on the Customer Success Services program. Note: Citrix Hypervisor 8.2 Cumulative Update 1 reaches end of life on Jun 25, 2025. Upgrade to XenServer...
CVE-2024-56783
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...
CVE-2024-56779
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount (umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequently, if an action attemp...
CVE-2024-56767
In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty...
CVE-2024-56766
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free...
CVE-2024-56761 x86/fred: Clear WFE in missing-ENDBRANCH #CPs
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH #CPs An indirect branch instruction sets the CPU indirect branch tracker (IBT) into WAIT_FOR_ENDBRANCH (WFE) state and WFE stays asserted across the instruction boundary. When the decoder finds a...
CentOS 9 : kernel-5.14.0-547.el9
"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-547.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add...
CVE-2024-56666
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Dereference null return value In the function pqm_uninit there is a call-assignment of "pdd = kfd_get_process_device_data" which could be null, and this value was later dereferenced without checking...
CVE-2024-53182 Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()"
In the Linux kernel, the following vulnerability has been resolved: Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()" This reverts commit bc3b1e9e7c50e1de0f573eea3871db61dd4787de. The bic is associated with sync_bfqq, and bfq_release_process_ref cannot be put into bfq_put_cooperator...
Advisory ROSA-SA-2024-2548
software: kubernetes 1.25.16 WASP: ROSA-CHROME package_evr_string: kubernetes-1.25.16-1 CVE-ID: CVE-2023-5528 BDU-ID: 2023-07938 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the kubelet utility of the Kubernetes virtual machine cluster management software tool is related to insufficient input...