CVE-2024-53148

In the Linux kernel, the following vulnerability has been resolved: comedi: Flush partial mappings in error case If some remappfnrange calls succeeded before one failed, we still have buffer pages mapped into the userspace page tables when we drop the buffer reference with comedibufmapputbm. The...

CVE-2024-10972 WinPmem Improper Input Validation vulnerability

Velocidex WinPmem versions 4.1 and below suffer from an Improper Input Validation vulnerability whereby an attacker with admin access can trigger a BSOD with a parallel thread changing the memory’s access right under the control of the user-mode application. This is due to verification only being...

[SECURITY] Fedora 40 Update: kernel-headers-6.12.4-100.fc40

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

[SECURITY] Fedora 41 Update: kernel-headers-6.12.4-200.fc41

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

USN-7154-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

USN-7154-1 linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7154-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7154-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

kernel: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been unmapped, but the...

SUSE CVE-2024-53098

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address accessok only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. cherry picked from commit...

CVE-2024-53098

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address accessok only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. cherry picked from commit...

UBUNTU-CVE-2024-53098

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address accessok only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. cherry picked from commit...

CVE-2024-53098 drm/xe/ufence: Prefetch ufence addr to catch bogus address

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address accessok only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. cherry picked from commit...

CVE-2024-53098

CVE-2024-53098 affects the Linux kernel DRM XE ufence path. The root cause is that access_ok() only checks for addr overflow and may also read the user-supplied address to catch invalid addresses, coupled with prefetching ufence addresses to detect bogus ones. The issue is remedied by a kernel fi...

CVE-2024-53098 drm/xe/ufence: Prefetch ufence addr to catch bogus address

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address accessok only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. cherry picked from commit...

CVE-2024-50192

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been unmapped, but the...

CVE-2024-11263

CVE-2024-11263 concerns RISCV GP relative addressing when CONFIG_RISCV_GP=y. The gp register is reported to point 0x800 bytes past the start of the .sdata section, which the linker uses to relax accesses to global symbols. Across the connected documents, the issue is described with this root caus...

CVE-2024-11263 arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y

When the Global Pointer GP relative addressing is enabled CONFIGRISCVGP=y, the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols...

CVE-2024-11263 arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y

When the Global Pointer GP relative addressing is enabled CONFIGRISCVGP=y, the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols...

kernel: i2c: dev: copy userspace array safely

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: i2c: dev: copy userspace array safely i2c-dev.c utilizes memdupuser to copy a userspace array. This is done without an overflow check. Use the new wrapper memduparrayuser to copy the array more safely...

kernel: vfio/pci: Disable auto-enable of exclusive INTx IRQ

An incorrect handling flaw was found in the Linux kernel framework for secure userspace device drivers functionality that may interrupt some of the devices. This issue could allow a local user to crash the system...