Oracle E-Business Suite 访问控制错误漏洞

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Universal Work Queue of Oracle...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from failure to properly handle work queue failures, which could lead to a resource leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from mishandling of work queue errors, which could lead to a resource leak...

kernel: idpf: fix idpf_vc_core_init error path

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

kernel: tipc: fix use-after-free Read in tipc_named_reinit

A vulnerability was found in the Linux kernel's Transparent Inter-Process Communication TIPC subsystem, allowing a use-after-free condition during the cleanup process. This issue arises when the kernel's work queue mechanism does not properly synchronize the destruction of TIPC namespaces with th...

kernel: tipc: fix use-after-free Read in tipc_named_reinit

A vulnerability was found in the Linux kernel's Transparent Inter-Process Communication TIPC subsystem, allowing a use-after-free condition during the cleanup process. This issue arises when the kernel's work queue mechanism does not properly synchronize the destruction of TIPC namespaces with th...

kernel: tipc: fix use-after-free Read in tipc_named_reinit

A vulnerability was found in the Linux kernel's Transparent Inter-Process Communication TIPC subsystem, allowing a use-after-free condition during the cleanup process. This issue arises when the kernel's work queue mechanism does not properly synchronize the destruction of TIPC namespaces with th...

SUSE CVE-2022-49986

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQMEMRECLAIM from storvscerrorwq storvscerrorwq workqueue should not be marked as WQMEMRECLAIM as it doesn't need to make forward progress under memory pressure. Marking this workqueue as WQMEMRECLAIM may...

SUSE CVE-2022-50027

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...

SUSE CVE-2022-50166

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...

DEBIAN-CVE-2022-50116

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

UBUNTU-CVE-2022-50027

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...

CVE-2022-50166 Bluetooth: When HCI work queue is drained, only queue chained work

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...

CVE-2022-50166

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from queuing only chained jobs when the HCI work queue is empty...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a vibrating work queue null pointer dereference that could lead to accessing a freed queue after a device is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of work queues during flow table cleanup, which could lead to reuse after release...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition when destroying a work queue, which could lead to reuse after release...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: workqueue: Put the pwq after detaching the rescuer from the pool The commit 68f83057b913"workqueue: Reap workers via kthreadstop and remove detachcompletion" adds code to reap the normal workers but mistakenly does not handle the...

kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink

In Linux kernel net/mlx5e, for SHAMPO, it is possible to receive CQEs with 0 consumed strides for the same WQE even after the WQE is fully consumed and unlinked. This triggers an additional unlink for the same wqe which corrupts the linked list...