496 matches found
CVE-2024-31076
CVE-2024-31076: Linux kernel CPU hotplug vector leak in genirq/cpuhotplug (x86/vector). Root cause: when interrupt affinity is reconfigured via procfs, old APIC vectors aren’t reclaimed if the old CPU goes offline before the next trigger on the new CPU, leaving apicd->prev_vector in vector_mat...
CVE-2024-31076 genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQDMOVEPCNTXT prevents immediate effectiveness of interrupt affinity reconfiguration via procfs. Instead, the change is deferred until the next...
SUSE CVE-2021-47368
In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinityhint irqsetaffinityhit stores a reference to the cpumaskt parameter in the irq descriptor, and that reference can be accessed later from irqaffinityhintprocshow. Since the cpumask...
CVE-2021-47290
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 "scsi: target: core: Make completion affinity configurable" makes targetcompletecmd queue work on a CPU based on...
SUSE CVE-2021-47290
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 "scsi: target: core: Make completion affinity configurable" makes targetcompletecmd queue work on a CPU based on...
DEBIAN-CVE-2021-47368
In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinityhint irqsetaffinityhit stores a reference to the cpumaskt parameter in the irq descriptor, and that reference can be accessed later from irqaffinityhintprocshow. Since the cpumask...
CVE-2021-47290
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 "scsi: target: core: Make completion affinity configurable" makes targetcompletecmd queue work on a CPU based on...
CVE-2021-47290
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 "scsi: target: core: Make completion affinity configurable" makes targetcompletecmd queue work on a CPU based on...
UBUNTU-CVE-2021-47290
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 "scsi: target: core: Make completion affinity configurable" makes targetcompletecmd queue work on a CPU based on...
UBUNTU-CVE-2021-47368
In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinityhint irqsetaffinityhit stores a reference to the cpumaskt parameter in the irq descriptor, and that reference can be accessed later from irqaffinityhintprocshow. Since the cpumask...
CVE-2021-47290 scsi: target: Fix NULL dereference on XCOPY completion
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 "scsi: target: core: Make completion affinity configurable" makes targetcompletecmd queue work on a CPU based on...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing illegal access when reading affinityhint...
kernel: virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs()
A memory leak was found in the virtio-vdpa driver. The cpumask allocated by createaffinitymasks is not freed before the function returns, causing a small memory leak each time virtqueues are set up...
kernel: virtio_vdpa: build affinity masks conditionally
A flaw was found in the Linux kernel's virtio vDPA driver. When the number of device queues exceeds the number of CPUs, the createaffinitymasks function triggers a kernel warning in groupcpusevenly. This occurs because the affinity logic assumes CPUs are not fewer than queue groups, which doesn't...
SUSE CVE-2024-26742
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...
DEBIAN-CVE-2024-26742
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Security Bulletin: Vulnerabilities in IBM DB2 affects IBM Application Performance Management products.
Summary IBM DB2 is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2023-29257 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
PT-2025-54137
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc6+ Description The Linux kernel contains a flaw within the vduse module. Specifically, the vduse vdpa set vq affinity callback function may be invoked with a NULL value as the cpu mask when a vduse device...