CVE-2024-26909

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmicglinkaltmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on pmicglinkaltmode...

CVE-2024-26909

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmicglinkaltmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on pmicglinkaltmode...

UBUNTU-CVE-2024-26897

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

CVE-2024-26897

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

CVE-2024-26909

CVE-2024-26909 concerns the Linux kernel. A DRM bridge use-after-free in the qcom pmic_glink_altmode path could occur if the dp-hpd bridge is registered before resources are fully acquired, leading to a freed bridge being referenced during display init (possibly causing NULL dereference or attach...

CVE-2024-26897 wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

CVE-2024-26897 wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

CVE-2024-26897

CVE-2024-26897 — Linux kernel (ath9k/ath9k_htc): A race in the ath9k_wmi_event_tasklet can occur due to init-order data-structure initialization exposed to USB before driver init completes. This may cause NULL-pointer dereferences under certain WMI commands. A partial fix existed (aborting WMI_TX...

CVE-2024-26897 wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

UBUNTU-CVE-2023-52642

In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires CAPNETADMIN...

SUSE CVE-2021-47202

In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in ofthermal functions ofparsethermalzones parses the thermal-zones node and registers a thermalzone device for each subnode. However, if a thermal zone is consuming a thermal sensor and tha...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a device being exposed to the USB subsystem before the ath9k driver initialization is complete...

SUSE SLES15 Security Update : kernel (Live Patch 12 for SLE 15 SP4) (SUSE-SU-2024:1312-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1312-1 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of t...

USN-6726-2: Linux kernel (IoT) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

kernel: use-after-free in sch_qfq network scheduler

A use-after-free flaw was found in qfqdequeue and aggdequeue in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This issue may allow a local user to crash the system or escalate their privileges on the system...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2024:1252-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1252-1 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of t...

SUSE SLES15 Security Update : kernel (Live Patch 40 for SLE 15 SP2) (SUSE-SU-2024:1257-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1257-1 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of t...

SUSE SLES15 Security Update : kernel (Live Patch 35 for SLE 15 SP2) (SUSE-SU-2024:1249-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1249-1 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of t...

SUSE SLES15 Security Update : kernel (Live Patch 30 for SLE 15 SP3) (SUSE-SU-2024:1246-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1246-1 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of t...

SUSE CVE-2024-26754

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtpgenldumppdp The gtpnetops pernet operations structure for the subsystem must be registered before registering the generic netlink family. Syzkaller hit 'general protection fault in...