PT-2024-9687 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.29.12 Envoy versions prior to 1.30.9 Envoy versions prior to 1.31.5 Envoy versions prior to 1.32.3 Description: The issue is related to the envoy.load shed points.http1 server abort dispatch configuration in Envoy, a...

kernel: netfilter: nf_tables: fix memleak in map from abort path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The Linux kernel CVE team has assigned CVE-2024-27011 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27011-2c70@gregkh/T...

kernel: wifi: rtw89: fix null pointer access when abort scan

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan The Linux kernel CVE team has assigned CVE-2024-35946 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T...

The vulnerability of the ufs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ufs component in the Linux operating system’s kernel is related to errors in resource management within the ufshcdabort function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-50104 ASoC: qcom: sdm845: add missing soundwire runtime stream alloc

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sdm845: add missing soundwire runtime stream alloc During the migration of Soundwire runtime stream allocation from the Qualcomm Soundwire controller to SoC's soundcard drivers the sdm845 soundcard was forgotten. At...

PT-2024-35643

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue is related to the KVM UAPI in the Linux kernel, where returning an abort to the guest for an unsupported MMIO access can cause a warning. This warning occurs when KVM is advancing PC...

DEBIAN-CVE-2024-50062

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes connum of connections. After establishing all its connections, the information is exchanged betwee...

CVE-2024-50046

CVE-2024-50046: In the Linux kernel, a NULL-pointer dereference could occur in NFSv4 when copying files saved in the mountpoint (nfs42_complete_copies()), leading to an SMP kernel crash during state recovery for an open NFS file. The issue manifests as kernel oops and related logs and is resolved...

CVE-2024-50046 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...

CVE-2024-50034 net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsksynmss with IPPROTOSMC Eric report a panic on IPPROTOSMC, and give the facts that when INETPROTOSWICSK was set, icsk-icsksyncmss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

CVE-2024-50034 net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsksynmss with IPPROTOSMC Eric report a panic on IPPROTOSMC, and give the facts that when INETPROTOSWICSK was set, icsk-icsksyncmss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

CVE-2024-50034

CVE-2024-50034 affects the Linux kernel net/smc, where INET_PROTOSW_ICSK can leave icsk_sync_mss unset for IPPROTO_SMC, triggering a NULL pointer dereference panic. The provided trace indicates a kernel oops when handling IPPROTO_SMC, with a failed icsk_mss synchronization. A patch sequence in st...

CVE-2024-47688

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in moduleadddriver Inject fault while probing of-fpga-region, if kasprintf fails in moduleadddriver, the second sysfsremovelink in exit path will cause null-ptr-deref as below because...

CVE-2024-47715 wifi: mt76: mt7915: fix oops on non-dbdc mt7986

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915bandconfig sets bandidx = 1 on the main phy for mt7986 with MT7975ONEADIE or MT7976ONEADIE. Commit 0335c034e726 "wifi: mt76: fix race condition related to checking tx queue fi...

CVE-2024-47688 driver core: Fix a potential null-ptr-deref in module_add_driver()

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in moduleadddriver Inject fault while probing of-fpga-region, if kasprintf fails in moduleadddriver, the second sysfsremovelink in exit path will cause null-ptr-deref as below because...

CVE-2024-47688 driver core: Fix a potential null-ptr-deref in module_add_driver()

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in moduleadddriver Inject fault while probing of-fpga-region, if kasprintf fails in moduleadddriver, the second sysfsremovelink in exit path will cause null-ptr-deref as below because...

SUSE CVE-2024-47669

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211 "nilfs2: separate wait function from nilfssegctorwrite" was applied, the log writing function nilfssegctordoconstruct was able to issue...

CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

PYSEC-2024-312

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

DEBIAN-CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...