CVE-2024-41009

CVE-2024-41009 concerns the Linux kernel BPF ring buffer (MAP_TYPE_RINGBUF). The issue arose from the ringbuf memory layout allowing a second chunk to overlap the first when producer/consumer counters were manipulated, enabling edits to a header by a BPF program and potentially triggering a crash...

CVE-2024-41009 bpf: Fix overrunning reservations in ringbuf

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumerpos is the consumer counter to show which...

kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets.

in linux kernel r8169, when transmitting small fragmented packets, invalid entries were inserted into the transmit ring buffer, leading to calls to dmaunmapsingle with a null address...

ALSA-2024:4583 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbypo...

CVE-2024-40907

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDPTX action In the XDPTX path, ionic driver sends a packet to the TX path with rx page and corresponding dma address. After tx is done, ionictxclean frees that page. But RX ring buffer isn't reset to...

UBUNTU-CVE-2024-40907

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDPTX action In the XDPTX path, ionic driver sends a packet to the TX path with rx page and corresponding dma address. After tx is done, ionictxclean frees that page. But RX ring buffer isn't reset to...

CVE-2024-40907 ionic: fix kernel panic in XDP_TX action

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDPTX action In the XDPTX path, ionic driver sends a packet to the TX path with rx page and corresponding dma address. After tx is done, ionictxclean frees that page. But RX ring buffer isn't reset to...

CVE-2024-40907 ionic: fix kernel panic in XDP_TX action

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDPTX action In the XDPTX path, ionic driver sends a packet to the TX path with rx page and corresponding dma address. After tx is done, ionictxclean frees that page. But RX ring buffer isn't reset to...

CVE-2024-40907

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDPTX action In the XDPTX path, ionic driver sends a packet to the TX path with rx page and corresponding dma address. After tx is done, ionictxclean frees that page. But RX ring buffer isn't reset to...

SUSE CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by doing cmpxchg on old-list.prev-next to point it to the new page. Following that, if the...

SUSE CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...

SUSE CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 "kasan, vmalloc: unpoison VMALLOC pages after mapping", non-VMALLOC mappings will be marked as accessible in getvmareanode when KASAN is enabled. But now the...

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...

CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by doing cmpxchg on old-list.prev-next to point it to the new page. Following that, if the...

DEBIAN-CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by doing cmpxchg on old-list.prev-next to point it to the new page. Following that, if the...

CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by doing cmpxchg on old-list.prev-next to point it to the new page. Following that, if the...

DEBIAN-CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...

UBUNTU-CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...