DEBIAN-CVE-2023-52785

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcdmcqabort and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcdmcqabort clears lprb-cmd and a NULL pointer deref happens in the ISR. Error log:...

DEBIAN-CVE-2021-47427

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsitask use after free Commit d39df158518c "scsi: iscsi: Have abort handler get ref to conn" added iscsigetconn/iscsiputconn calls during abort handling but then also changed the handling of the case where we...

CVE-2021-47269

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configurations we might use fewer ep...

UBUNTU-CVE-2021-47427

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsitask use after free Commit d39df158518c "scsi: iscsi: Have abort handler get ref to conn" added iscsigetconn/iscsiputconn calls during abort handling but then also changed the handling of the case where we...

UBUNTU-CVE-2021-47248

In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close and udpabort Kaustubh reported and diagnosed a panic in udpliblookup. The root cause is udpabort racing with close. Both racing functions acquire the socket lock, but udpv6destroysock release it before...

SUSE CVE-2024-35946

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif...

PT-2024-11255 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is caused by a race between close and udp abort functions, which both acquire the socket lock. However, udpv6 destroy sock releases the lock before performing destructive...

CVE-2024-35946

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-042)

The version of kernel installed on the remote host is prior to 5.15.156-102.160. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-042 advisory. 2024-07-03: CVE-2024-26642 was added to this advisory. 2024-07-03: CVE-2024-26629 was added to this...

AZL-56172 CVE-2024-35946 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif...

DEBIAN-CVE-2024-35946

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif...

UBUNTU-CVE-2024-35946

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer access when aborting a scan...

CVE-2024-35785

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix kernel panic caused by incorrect error handling The error path while failing to register devices on the TEE bus has a bug leading to kernel panic as follows: 15.398930 Unable to handle kernel paging request at...

RHEL 5 : xsa201_xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa201 xen: ARM guests may induce host asynchronous abort XSA-201 CVE-2016-9818 - Xen through 4.7.x allow...

OESA-2024-1526 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in cfusbldevicenotify In case of caifenrolldev fail, allocated linksupport won't be assigned to the corresponding structure. So simply...

curl: HTTP/2 push headers memory-leak

A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a...

SUSE CVE-2024-27011

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

SUSE CVE-2024-27012

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

SUSE CVE-2024-26978

In the Linux kernel, the following vulnerability has been resolved: serial: max310x: fix NULL pointer dereference in I2C instantiation When trying to instantiate a max14830 device from userspace: echo max14830 0x60 /sys/bus/i2c/devices/i2c-2/newdevice we get the following error: Unable to handle...