CVE-2024-26644 btrfs: don't abort filesystem when attempting to snapshot deleted subvolume

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction aborted error -2 WARNIN...

CVE-2024-26643

A vulnerability was found in the netfilter/nftables subsystem of Linux Kernel, where a race condition caused where the garbage collector could prematurely collect elements from anonymous sets with timeouts while they were being released. Mitigation Red Hat has investigated whether a possible...

DEBIAN-CVE-2024-26643

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released fr...

UBUNTU-CVE-2024-26643

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released fr...

DEBIAN-CVE-2024-26369

An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads to a SIGABRT signal abort upon receiving DataWriter's data...

eProsima Fast DDS Security Vulnerability

eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A security vulnerability exists in eProsima Fast DDS that stems from a possible signal abort when receiving data...

PT-2024-21371 · Fastdds +1 · Fastdds +1

Name of the Vulnerable Software and Affected Versions: FastDDS versions 2.6.x through 2.12.x Description: An issue in the HistoryQosPolicy component of FastDDS leads to a SIGABRT signal abort upon receiving DataWriter's data. Recommendations: For versions 2.6.x through 2.12.x, consider disabling...

UBUNTU-CVE-2021-47113

In the Linux kernel, the following vulnerability has been resolved: btrfs: abort in renameexchange if we fail to insert the second ref Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a renameexchange. This happens because we insert the inode re...

SUSE CVE-2023-52515

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsidone from srpabort After scmdehaborthandler has called the SCSI LLD ehaborthandler callback, it performs one of the following actions: Call scsiqueueinsert. Call scsifinishcommand. Call scsiehscmdadd...

DEBIAN-CVE-2023-52515

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsidone from srpabort After scmdehaborthandler has called the SCSI LLD ehaborthandler callback, it performs one of the following actions: Call scsiqueueinsert. Call scsifinishcommand. Call scsiehscmdadd...

UBUNTU-CVE-2023-52515

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsidone from srpabort After scmdehaborthandler has called the SCSI LLD ehaborthandler callback, it performs one of the following actions: Call scsiqueueinsert. Call scsifinishcommand. Call scsiehscmdadd...

CVE-2023-52515 RDMA/srp: Do not call scsi_done() from srp_abort()

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsidone from srpabort After scmdehaborthandler has called the SCSI LLD ehaborthandler callback, it performs one of the following actions: Call scsiqueueinsert. Call scsifinishcommand. Call scsiehscmdadd...

DEBIAN-CVE-2021-47060

In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvmiobusunregisterdev fails to allocate memory for the new instance of the bus. If it can't instantiate a new bus,...

SUSE CVE-2021-46945

In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sd...

CVE-2021-47015

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware bug a...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix port event handling on init For some reason there might be a crash during ports creation if port events are handling at the same time because fw may send initial port event with down state. The crash...

CVE-2021-46945

In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sd...

CVE-2021-46958

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which leads to an...

CVE-2021-46945

In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount...

CVE-2021-46958

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which leads to an...