DEBIAN-CVE-2024-27012

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

AZL-42195 CVE-2024-27012 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

DEBIAN-CVE-2024-27011

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

AZL-54581 CVE-2024-27011 affecting package kernel for versions less than 6.6.64.2-9

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

CVE-2024-27011

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

CVE-2024-27012

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

UBUNTU-CVE-2024-27012

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

UBUNTU-CVE-2024-27011

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

CVE-2024-27012 netfilter: nf_tables: restore set elements when delete set fails

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

CVE-2024-27011

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

CVE-2024-26989 arm64: hibernate: Fix level3 translation fault in swsusp_save()

In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsuspsave On arm64 machines, swsuspsave faults if it attempts to access MEMBLOCKNOMAP memory ranges. This can be reproduced in QEMU using UEFI when booting with rodata=off...

SUSE CVE-2024-26925

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend, otherwise, async GC worker could collect expired...

DEBIAN-CVE-2024-26925

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend, otherwise, async GC worker could collect expired...

UBUNTU-CVE-2024-26925

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend, otherwise, async GC worker could collect expired...

CVE-2024-3652

...

SUSE CVE-2024-26845

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...

CVE-2024-26845

A soft lockup flaw was found in the Linux kernel’s TCM Storage Engine functionality in how a user triggers an abort for iSCSI. This flaw allows a local user to potentially crash the system...

DEBIAN-CVE-2024-26845

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...

CVE-2024-26845

CVE-2024-26845 (Linux kernel) involves the SCSI target core handling of TMF in tmr_list. The issue: an abort processed by iSCSI could be added to tmr_list but not handled by target core, causing a LUN_RESET path to wait for an abort that never completes. Public advisories show debug traces (e.g.,...

CVE-2024-26845 scsi: target: core: Add TMF to tmr_list handling

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...