AZL-56163 CVE-2024-43866 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health WQ on shutdown callba...

DEBIAN-CVE-2024-43866

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health WQ on shutdown callba...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the dmaengine/idxd component should fail when the work queue is not enabled...

SUSE CVE-2024-42313

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...

UBUNTU-CVE-2024-42274

In the Linux kernel, the following vulnerability has been resolved: Revert "ALSA: firewire-lib: operate for period elapse event in process context" Commit 7ba5ca32fe6e "ALSA: firewire-lib: operate for period elapse event in process context" removed the process context workqueue from...

CVE-2024-42274 Revert "ALSA: firewire-lib: operate for period elapse event in process context"

In the Linux kernel, the following vulnerability has been resolved: Revert "ALSA: firewire-lib: operate for period elapse event in process context" Commit 7ba5ca32fe6e "ALSA: firewire-lib: operate for period elapse event in process context" removed the process context workqueue from...

kernel: netfilter: nf_tables: flush pending destroy work before exit_net release

A vulnerability was found in the Linux kernel's Netfilter framework, specifically within the nftables component. The issue arises from a race condition between the exitnet function and the destroy work queue, which can lead to use-after-free errors and potential system instability. This...

SUSE CVE-2024-41088

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...

PT-2024-30723

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50 Description The issue is related to the net/mlx5 component in the Linux kernel. During device shutdown, there is no point in recovery, and if health work has started, it needs to wait to avoid races and NU...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to cancel all jobs during the hciunregisterdev function, resulting in a possible deadlock when...

SUSE CVE-2024-40992

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

DEBIAN-CVE-2024-40992

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

AZL-68111 CVE-2024-39508 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: Use setbit and testbit at worker-flags Utilize setbit and testbit on worker-flags within iouring/io-wq to address potential data races. The structure ioworker-flags may be accessed through various data paths, leadi...

Astra Linux - уязвимость в linux-6.1

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flowerstatstimer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition...

SUSE CVE-2022-48758

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...

DEBIAN-CVE-2022-48758

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...

UBUNTU-CVE-2022-48758

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the scsi:bnx2fc module not flushing the destroywork queue before calling bnx2fcinterfaceput...

UBUNTU-CVE-2021-47577

In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker taskwork We check IOWQBITEXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race between the two, where...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from incorrect use of the ptp work queue for the second part of the timestamp, which stops when the port is closed...