kernel: net/mlx5: Properly link new fs rules into the tree

CVE-2024-35960 is a vulnerability in the Linux kernel's Mellanox MLX5 driver that affects flow steering rule handling. When identical rules are created and referenced multiple times, they can fail to properly link into the rule tree, leaving them uninitialized. This can cause system crashes durin...

SUSE-SU-2024:2603-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6898-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-4 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6893-3)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6893-3 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6898-3)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6898-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

DEBIAN-CVE-2022-48833

In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...

AZL-68246 CVE-2022-48833 affecting package kernel for versions less than 5.15.186.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...

UBUNTU-CVE-2022-48833

In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...

DEBIAN-CVE-2022-48796

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential use-after-free during probe Kasan has reported the following use after free on dev-iommu. when a device probe fails and it is in process of freeing dev-iommu in deviommufree function, a deferredprobeworkfunc...

SUSE CVE-2024-40991

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Fix ofk3udmaglueparsechnbyid The ofk3udmaglueparsechnbyid helper function erroneously invokes "ofnodeput" on the "udmaxnp" device-node passed to it, without having incremented its reference count at a...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6898-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

Considerations for Connecting XenServer to the Switch Ports

This article contains information about connecting XenServer to a switch. Background Switch ports must be configured differently for a XenServer host as opposed to a standard computer. The following considerations are recommended when connecting a XenServer to a switch: If using Spanning Tree...

CVE-2024-40943

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2diowrgetblock", fstests/generic/300 become from always failed to sometimes failed:...

CVE-2024-40916

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortunately some variant...

CVE-2024-40943 ocfs2: fix races between hole punching and AIO+DIO

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2diowrgetblock", fstests/generic/300 become from always failed to sometimes failed:...

CVE-2024-40943 ocfs2: fix races between hole punching and AIO+DIO

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2diowrgetblock", fstests/generic/300 become from always failed to sometimes failed:...

CVE-2024-40943

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2diowrgetblock", fstests/generic/300 become from always failed to sometimes failed:...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6893-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6893-1 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A...

kernel: net/mlx5: Properly link new fs rules into the tree

CVE-2024-35960 is a vulnerability in the Linux kernel's Mellanox MLX5 driver that affects flow steering rule handling. When identical rules are created and referenced multiple times, they can fail to properly link into the rule tree, leaving them uninitialized. This can cause system crashes durin...