4311 matches found
UBUNTU-CVE-2024-27062
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...
UBUNTU-CVE-2024-27058
In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attempting to remove dquot information from the rb tree. Fetching the rbtree root node must also be protected by the dqopt-dqiosem, otherwise,...
CVE-2024-27047
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
UBUNTU-CVE-2024-27047
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-27062 nouveau: lock the client object tree.
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...
CVE-2024-27062 nouveau: lock the client object tree.
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...
CVE-2024-27062
CVE-2024-27062 relates to the Linux kernel nouveau driver, where the client object tree lacked locking and races occurred when adding/removing client objects (notably VRAM BAR mappings). The fix locks the client object tree to prevent race conditions during add/remove operations, addressing a gen...
CVE-2024-27058 tmpfs: fix race on handling dquot rbtree
In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attempting to remove dquot information from the rb tree. Fetching the rbtree root node must also be protected by the dqopt-dqiosem, otherwise,...
CVE-2024-27058
In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attempting to remove dquot information from the rb tree. Fetching the rbtree root node must also be protected by the dqopt-dqiosem, otherwise,...
CVE-2024-27047 net: phy: fix phy_get_internal_delay accessing an empty array
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-27047
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-27047 net: phy: fix phy_get_internal_delay accessing an empty array
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-27004
CVE-2024-27004 in the Linux kernel affects the clk subsystem, where runtime PM resuming/suspending a device while holding the clk prepare_lock can deadlock (ABBA) when walking the clock tree during disable_unused. The issue manifests as hung tasks (e.g., swapper/0 and a kworker) and a deadlock be...
CVE-2024-27004 clk: Get runtime PM before walking tree during disable_unused
In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disableunused Doug reported 1 the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 "echo 0...
CVE-2024-27004
In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disableunused Doug reported 1 the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 "echo 0...
CVE-2024-27000 serial: mxs-auart: add spinlock around changing cts state
In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uarthandlectschange function in serialcore expects the caller to hold uport-lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded ...
kernel: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv()
In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...
kernel: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
A flaw was identified in the ext4 filesystem implementation in the Linux kernel where a malformed or improperly initialized boot loader inode could trigger a BUGON condition inside the estreesearch function. This occurs when the inode’s mode imode is an unexpected type and the code does not...
kernel: ext4: fix rbtree traversal bug in ext4_mb_use_preallocated
A flaw was identified in the ext4 filesystem’s block preallocation allocator in the Linux kernel. During allocation, the code traverses an rbtree of per-inode preallocations.Concurrently, the helper ext4mbdiscardgrouppreallocation can mark PAs as deleted, which may cause a naive rbtree traversal ...
RHEL 7 : qemu-kvm-rhev (RHSA-2019:1743)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1743 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the...