10799 matches found
CVE-2024-41085 cxl/mem: Fix no cxl_nvd during pmem region auto-assembling
In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxlnvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereference, address:...
CVE-2024-41085
CVE-2024-41085 concerns the Linux kernel CXL memory region probing. The bug was a NULL pointer dereference when auto-assembling a pmem region during endpoint port probing because cxl_nvd (NVDIMM) was not yet registered. The fix changes the probe sequence so the cxl_nvd is available before or duri...
CVE-2024-41085 cxl/mem: Fix no cxl_nvd during pmem region auto-assembling
In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxlnvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereference, address:...
CVE-2024-41085 cxl/mem: Fix no cxl_nvd during pmem region auto-assembling
In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxlnvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereference, address:...
CVE-2024-41055
CVE-2024-41055 : Linux kernel vulnerability in the mm subsystem where a NULL pointer dereference could occur in pfn_section_valid() due to a race with section_deactivate() and an insufficient READ_ONCE() around ms->usage. The fix adds a value check on ms->usage before dereferencing and reli...
USN-6921-1 linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-nvidia, linux-oem-6.8, linux-raspi vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
USN-6923-1 linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
USN-6922-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Chenyuan Yang discovered...
Italtel i-MCS NFV 安全漏洞
Italtel i-MCS NFV is an IMS/NGN core and border suite from Italtel Italy. A security vulnerability exists in Italtel i-MCS NFV version 12.1.0-20211215, which stems from stored cross-site scripting that may occur via POST parameters...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6926-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6926-1 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure...
USN-6919-1: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 It was discovered that the ATA over...
USN-6918-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker...
USN-6918-1 linux-oracle vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker...
USN-6917-1: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6919-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6919-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6918-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6918-1 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6917-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6917-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...
kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain
A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...
kernel: uio: Fix use-after-free in uio_open
A flaw was found in the Linux kernel’s uio subsystem. A use-after-free memory flaw in the uioopen functionality allows a local user to crash or escalate their privileges on the system...
kernel: net: qcom/emac: fix UAF in emac_remove
A vulnerability was found in the Linux kernel's Qualcomm EMAC driver, where the emacremove function can lead to a use-after-free issue when the driver tries to access data after the network device has been freed, causing instability and a crash in the network subsystem...