CVE-2024-35936

A flaw was found in the Linux kernel’s btrfs module. An unhandled chunk tree lookup error in the btrfsrelocatesyschunks function in the fs/btrfs/volumes.c file will cause a denial of service...

DEBIAN-CVE-2024-35957

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARNON in iommu probe path Commit 1a75cc710b95 "iommu/vt-d: Use rbtree to track iommu probed devices" adds all devices probed by the iommu driver in a rbtree indexed by the source ID of each device. It assumes tha...

UBUNTU-CVE-2024-35960

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, createflowhandle tries hard to find and...

UBUNTU-CVE-2024-35957

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARNON in iommu probe path Commit 1a75cc710b95 "iommu/vt-d: Use rbtree to track iommu probed devices" adds all devices probed by the iommu driver in a rbtree indexed by the source ID of each device. It assumes tha...

CVE-2024-35960 net/mlx5: Properly link new fs rules into the tree

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, createflowhandle tries hard to find and...

Information Disclosure

ezsystems/ezpublish-legacy is vulnerable to Information Disclosure. The vulnerability is caused due to the module not properly checking access permissions when rendering the content tree menu. This allows the tree menu to display hidden items to unauthorized users if they access the backend URL...

CVE-2024-35936

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in btrfsrelocatesyschunks loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to lo...

UBUNTU-CVE-2024-35936

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in btrfsrelocatesyschunks loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to lo...

CVE-2024-35936 btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in btrfsrelocatesyschunks loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to lo...

CVE-2024-35936

CVE-2024-35936. In the Linux kernel, the btrfs relocation code (btrfs_relocate_sys_chunks) contains an unhandled corruption case in its chunk-tree lookup loop. The issue arises from two theoretically impossible conditions: (1) an inexact search yields a key with offset -1 for a chunk-tree item, a...

CVE-2024-35936 btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in btrfsrelocatesyschunks loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to lo...

CVE-2024-35936 btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in btrfsrelocatesyschunks loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to lo...

DEBIAN-CVE-2024-35892

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisctreereducebacklog qdisctreereducebacklog is called with the qdisc lock held, not RTNL. We must use qdisclookuprcu instead of qdisclookup syzbot reported: WARNING: suspicious RCU usage...

CVE-2024-35860

In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpflink dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and...

UBUNTU-CVE-2024-35843

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by calling pcigetdomainbusandslot. This function searches the list of all PCI devices until the desired...

CVE-2024-35843 iommu/vt-d: Use device rbtree in iopf reporting path

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by calling pcigetdomainbusandslot. This function searches the list of all PCI devices until the desired...

CVE-2024-35798

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

UBUNTU-CVE-2024-35798

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

CVE-2024-35798 btrfs: fix race in read_extent_buffer_pages()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

CVE-2024-35798

CVE-2024-35798 is a Linux kernel vulnerability in btrfs where a race in read_extent_buffer_pages can cause uptodate status to be missed during concurrent reads of the same extent buffer. The issue can lead to concurrent modification and tree-checker errors (e.g., corrupted nodes) due to an unnece...