The vulnerability of the ch_ktls component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the chktls component in the Linux operating system’s kernel is related to the absence of locking mechanisms during synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-26846

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

UBUNTU-CVE-2024-26910

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronizercu add...

DEBIAN-CVE-2024-26897

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

UBUNTU-CVE-2024-26897

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

CVE-2024-26897

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet used in ath9khtc assumes that all the data structures have been fully initialised by the time it runs. However, because of the order i...

CVE-2024-26846

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

CVE-2024-26846

CVE-2024-26846 affects the Linux kernel’s nvme-fc unloading path. A race between nvme_delete_ctrl and ida_destroy could double-free IDs, causing module unload hangs. The fix adds synchronization to ensure nvme_delete_ctrl code runs before leaving nvme_fc_exit_module and flushes the nvme_delete_wq...

CVE-2024-26846 nvme-fc: do not wait in vain when unloading module

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

CVE-2024-26846 nvme-fc: do not wait in vain when unloading module

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

CVE-2024-26846 nvme-fc: do not wait in vain when unloading module

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

CVE-2024-26831 net/handshake: Fix handshake_req_destroy_test1

In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshakereqdestroytest1 Recently, handshakereqdestroytest1 started failing: Expected handshakereqdestroytest == req, but handshakereqdestroytest == 0000000000000000 req == 0000000060f99b40 not ok 11 reqdestroy...

SUSE CVE-2024-26803

In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIFFGRO automatically when XDP is enabled, because both features use the same NAPI machinery. The logic to clear NETIFFGRO sits in vethdisablexdp which is called...

SUSE CVE-2024-26812

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL context through the...

CVE-2024-3786

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device Synchronizations /admin/DeviceReplication. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...

CVE-2024-30387 Junos OS: ACX5448 & ACX710: Due to interface flaps the PFE process can crash

A Missing Synchronization vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. If an interface flaps while the system gathers statistics on that interface, two processes...

SUSE CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

The vulnerability of the virStoragePoolObjListSearch function in the virtualization management library Libvirt allows a attacker to trigger a service failure.

The vulnerability of the virStoragePoolObjListSearch function in the Libvirt management library arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

Juniper Junos OS Vulnerability (JSA79187)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79187 advisory. - A Missing Synchronization vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker...

UBUNTU-CVE-2021-47189

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory ordering between normal and ordered work functions Ordered work functions aren't guaranteed to be handled by the same thread which executed the normal work functions. The only way execution between normal/ordere...