UBUNTU-CVE-2021-47143

In the Linux kernel, the following vulnerability has been resolved: net/smc: remove device from smcddevlist after failed deviceadd If the deviceadd for a smcddev fails, there's no cleanup step that rolls back the earlier listadd. The device subsequently gets freed, and we end up with a corrupted...

UBUNTU-CVE-2021-47124

In the Linux kernel, the following vulnerability has been resolved: iouring: fix link timeout refs WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: refcountsubandtest...

UBUNTU-CVE-2021-47054

In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro...

UBUNTU-CVE-2021-47064

In the Linux kernel, the following vulnerability has been resolved: mt76: fix potential DMA mapping leak With buf uninitialized in mt76dmatxqueueskbraw, its field skipunmap could potentially inherit a non-zero value from stack garbage. If this happens, it will cause DMA mappings for MCU command...

UBUNTU-CVE-2021-46987

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline extent needs to copy the inline extent data into a page of the destination inode. When this happens, we e...

UBUNTU-CVE-2023-52471

In the Linux kernel, the following vulnerability has been resolved: ice: Fix some null pointer dereference issues in iceptp.c devmkasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

UBUNTU-CVE-2023-52436

In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr list. This eliminates the fragile assumption that the unused xattr space is always zeroed...

UBUNTU-CVE-2024-25741

printerwrite in drivers/usb/gadget/function/fprinter.c in the Linux kernel through 6.7.4 does not properly call usbepqueue, which might allow attackers to cause a denial of service or have unspecified other impact...

CVE-2023-5717

A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's siblinglist is smaller than its child's siblinglist, it can increment or write to memor...

UBUNTU-CVE-2023-42753

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...

CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

Canonical Ubuntu 安全漏洞

Canonical Ubuntu is a GNU/Linux operating system for desktop applications from Canonical, a British company. A security vulnerability exists in Canonical Ubuntu that stems from Overlayfs ovlcopyupmetainodedata skipping privilege checking when ovldosetxattr is called on the Ubuntu kernel...

UBUNTU-CVE-2023-35826

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrusremove in drivers/staging/media/sunxi/cedrus/cedrus.c...

UBUNTU-CVE-2023-35829

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdecremove in drivers/staging/media/rkvdec/rkvdec.c...

SUSE CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

CVE-2023-31081

An issue was discovered in drivers/media/test-drivers/vidtv/vidtvbridge.c in the Linux kernel 6.2. There is a NULL pointer dereference in vidtvmuxstopthread. In vidtvstopstreaming, after dvb-mux=NULL occurs, it executes vidtvmuxstopthreaddvb-mux...

UBUNTU-CVE-2023-28866

In the Linux kernel through 6.2.8, net/bluetooth/hcisync.c allows out-of-bounds access because ampinit1 and ampinit2 are supposed to have an intentionally invalid element, but do not...

K54635192: Linux kernel overlayfs vulnerability CVE-2021-3493

Security Advisory Description The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the...

SUSE CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...