133 matches found
UBUNTU-CVE-2024-46861
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly e.g. bad NCM framing Lack of memory None of these should cause the driver to seize u...
UBUNTU-CVE-2024-45019
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx timeout reporter mlx5esafereopenchannels requires the state lock taken. The referenced changed in the Fixes tag removed the lock to fix another issue. This patch adds it back but at a later...
UBUNTU-CVE-2024-44945
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCHBEGIN and BATCHEND...
UBUNTU-CVE-2023-52894
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fix potential NULL ptr deref in ncmbitrate In Google internal bug 265639009 we've received an as yet unreproducible crash report from an aarch64 GKI 5.10.149-android13 running device. AFAICT the source code is...
UBUNTU-CVE-2023-52903
In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL: WARNING: CPU: 0 PID: 28 at iouring/iouring.c:734 iocqringeventoverflow+0x1c0/0x230 iouring/iouring.c:734 CPU: 0 PID: 28 Comm:...
UBUNTU-CVE-2024-43850
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmonremove The following warning is seen during bwmonremove due to refcount imbalance, fix this by releasing the OPPs after use. Logs: WARNING: at drivers/opp/core.c:1640...
UBUNTU-CVE-2024-42225
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skbput with skbputzero Avoid potentially reusing uninitialized data...
UBUNTU-CVE-2024-42146
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add outer runtimepm protection to xelivektest@xedmabuf Any kunit doing any memory access should get their own runtimepm outer references since they don't use the standard driver API entries. In special this dmabuf from th...
UBUNTU-CVE-2024-41043
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: drop bogus WARNON Happens when rules get flushed/deleted while packet is out, so remove this WARNON. This WARN exists in one form or another since v4.14, no need to backport this to older releases, henc...
UBUNTU-CVE-2024-41030
In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open mayopen does not allow a directory to be opened with the write access. However, some writing flags set by client result in adding write access on server, making ksmbd incompatible...
UBUNTU-CVE-2024-41029
In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmem data than the main attribute itself. For example if nvmeconfig::rootonly was set, the cell...
UBUNTU-CVE-2022-48806
In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...
UBUNTU-CVE-2024-40952
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2journaldirty bdev-bdsuper has been removed and commit 8887b94d9322 change the usage from bdev-bdsuper to bassocmap-host-isb. This introduces the following NULL pointer dereference in...
UBUNTU-CVE-2024-40913
In the Linux kernel, the following vulnerability has been resolved: cachefiles: defer exposing anonfd until after copytouser succeeds After installing the anonymous fd, we can now see it in userland and close it. However, at this point we may not have gotten the reference count of the cache, but ...
UBUNTU-CVE-2024-39494
In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name -dname.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it -dlock on dentry, -dlock on its parent, -irwsem exclusive on th...
UBUNTU-CVE-2024-40957
In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NFHOOK in End.DX4 and End.DX6 behaviors inputactionenddx4 and inputactionenddx6 are called NFHOOK for PREROUTING hook, in PREROUTING hook, we should passing a valid indev, and a NULL outde...
UBUNTU-CVE-2024-39487
In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bondoptionarpiptargetsset In function bondoptionarpiptargetsset, if newval-string is an empty string, newval-string+1 will point to the byte after the string, causing an out-of-bound read. BUG:...
UBUNTU-CVE-2024-38622
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add callback function pointer check before its call In dpucoreirqcallbackhandler callback function pointer is compared to NULL, but then callback function is unconditionally called by this pointer. Fix this bug by...
UBUNTU-CVE-2024-38439
Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibufPASSWDLEN to '\0' in FPLoginExt in login in etc/uams/uamspam.c. 2.4.1 and 3.1.19 are also fixed versions...
UBUNTU-CVE-2024-36916
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg-delay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. 186.556576...