10797 matches found
DEBIAN-CVE-2024-35859
In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdevopenbydev error path At the time bdevmayopen is called, module reference is grabbed already, hence module reference should be released if bdevmayopen failed. This problem is found by...
UBUNTU-CVE-2023-52689
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing mutex lock around get meter levels As scarlett2meterctlget uses meterlevelmap, the datamutex should be locked while accessing it...
DEBIAN-CVE-2024-35836
In the Linux kernel, the following vulnerability has been resolved: dpll: fix pin dump crash for rebound module When a kernel module is unbound but the pin resources were not entirely freed other kernel module instance of the same PCI device have had kept the reference to that pin, and kernel...
AZL-67587 CVE-2024-35808 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call mdreapsyncthread directly Currently mdreapsyncthread is called from raidmessage directly without holding 'reconfigmutex', this is definitely unsafe because mdreapsyncthread can change many fields that is...
DEBIAN-CVE-2023-52663
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amdsofacpprobe Driver uses kasprintf to initialize fwcode,databin members of struct acpdevdata, but kfree is never called to deallocate the memory, which results in a memory leak. Fix the issue ...
UBUNTU-CVE-2024-35836
In the Linux kernel, the following vulnerability has been resolved: dpll: fix pin dump crash for rebound module When a kernel module is unbound but the pin resources were not entirely freed other kernel module instance of the same PCI device have had kept the reference to that pin, and kernel...
CVE-2024-35836
CVE-2024-35836 affects the Linux kernel's dpll/pin handling logic. When a kernel module is unbound but pin resources for the same PCI device persist in memory, rebinding can leave the prop pointer stale to deallocated module memory. Invoking a pin-dump in this state crashes the kernel. The fix st...
CVE-2024-35836 dpll: fix pin dump crash for rebound module
In the Linux kernel, the following vulnerability has been resolved: dpll: fix pin dump crash for rebound module When a kernel module is unbound but the pin resources were not entirely freed other kernel module instance of the same PCI device have had kept the reference to that pin, and kernel...
CVE-2024-35836 dpll: fix pin dump crash for rebound module
In the Linux kernel, the following vulnerability has been resolved: dpll: fix pin dump crash for rebound module When a kernel module is unbound but the pin resources were not entirely freed other kernel module instance of the same PCI device have had kept the reference to that pin, and kernel...
CVE-2024-35836
In the Linux kernel, the following vulnerability has been resolved: dpll: fix pin dump crash for rebound module When a kernel module is unbound but the pin resources were not entirely freed other kernel module instance of the same PCI device have had kept the reference to that pin, and kernel...
USN-6778-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
USN-6777-1 linux, linux-aws, linux-azure-4.15, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
USN-6775-1 linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
USN-6774-1 linux, linux-aws, linux-aws-6.5, linux-azure, linux-azure-6.5, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-nvidia-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-raspi, linux-signed, linux-signed-aws, linux-signed-aws-6.5, linux-starfive, linux-starfive-6.5 vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Sander...
The vulnerability of the pfn_valid() function in the include/linux/mmzone.h module of the Linux kernel’s memory management subsystem allows a attacker to cause a service failure.
The vulnerability of the pfnvalid function in the include/linux/mmzone.h module of the Linux memory management subsystem is related to an infinite recursion. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the run_spu_dma() function in the sound/sh/aica.c module of the Linux operating system’s audio subsystem allows a hacker to cause a service failure.
The vulnerability of the runspudma function in the sound/sh/aica.c file of the Linux operating system’s audio subsystem, ALSA, is related to the use of memory after deallocation due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker to cause a...
USN-6766-2: Linux kernel vulnerabilities
It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service system crash. CVE-2024-1151 Sander Wiebing, Alvise de Faveri Tron, Herbert...
PT-2024-32166
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52 Description A null pointer dereference vulnerability was found in the Linux kernel's Bluetooth subsystem, specifically in the btnxpuart flush function. This vulnerability can cause a kernel crash when...
The vulnerability of the mac802154_llsec_key_del() function in the net/mac802154/llsec.c module of the Linux kernel’s wireless subsystem allows a attacker to compromise the confidentiality and integrity of protected information, or cause service failures.
The vulnerability of the mac802154llseckeydel function in the net/mac802154/llsec.c module of the Linux kernel’s wireless subsystem is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of...
The vulnerability of the dev_map_init_map() function in the kernel/bpf/devmap.c module of the BPF subsystem of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the devmapinitmap function in the kernel/bpf/devmap.c module of the Linux kernel’s BPF subsystem is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...