SUSE CVE-2024-42231

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix calcavailablefreespace for zoned mode calcavailablefreespace returns the total size of metadata or system block groups, which can be allocated from unallocated disk space. The logic is wrong on zoned mode in two...

PT-2024-25800 · Unjs/Ufo +1 · Unjs/Ufo +1

Name of the Vulnerable Software and Affected Versions: Nuxt versions prior to 3.12.4 Description: The navigateTo function does not correctly use APIs provided by unjs/ufo, leading to parsing discrepancies. The function first checks if a URL has a protocol using the unjs/ufo package, which works...

DEBIAN-CVE-2024-42231

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix calcavailablefreespace for zoned mode calcavailablefreespace returns the total size of metadata or system block groups, which can be allocated from unallocated disk space. The logic is wrong on zoned mode in two...

UBUNTU-CVE-2024-42231

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix calcavailablefreespace for zoned mode calcavailablefreespace returns the total size of metadata or system block groups, which can be allocated from unallocated disk space. The logic is wrong on zoned mode in two...

DEBIAN-CVE-2024-42066

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix potential integer overflow in page size calculation Explicitly cast tbo-pagealignment to u64 before bit-shifting to prevent overflow when assigning to minpagesize...

AZL-47210 CVE-2024-42066 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix potential integer overflow in page size calculation Explicitly cast tbo-pagealignment to u64 before bit-shifting to prevent overflow when assigning to minpagesize...

UBUNTU-CVE-2024-42066

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix potential integer overflow in page size calculation Explicitly cast tbo-pagealignment to u64 before bit-shifting to prevent overflow when assigning to minpagesize...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not explicitly converting tbo-pagealignment to u64 when calculating page sizes, resulting in a possible...

UBUNTU-CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

UBUNTU-CVE-2024-39488

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...

DEBIAN-CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

AZL-54783 CVE-2022-48766 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap dcn301calculatewmanddlg for FPU. Mirrors the logic for dcn30. Cue lots of WARNs and some kernel panics without this fix...

DEBIAN-CVE-2024-38604

In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...

UBUNTU-CVE-2024-38604

In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...

ALPINE-CVE-2024-5171

Integer overflow in libaom internal function imgallochelper can lead to heap buffer overflow. This function can be reached via 3 callers: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and so...

DEBIAN-CVE-2024-36946

In the Linux kernel, the following vulnerability has been resolved: phonet: fix rtmphonetnotify skb allocation fillroute stores three components in the skb: - struct rtmsg - RTADST u8 - RTAOIF u32 Therefore, rtmphonetnotify should use NLMSGALIGNsizeofstruct rtmsg + nlatotalsize1 + nlatotalsize4...

SUSE CVE-2021-47396

In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late e.g. due to vCPU scheduling, as reported b...

CVE-2021-47467 kunit: fix reference count leak in kfree_at_end

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfreeatend The reference counting issue happens in the normal path of kfreeatend. When kunitallocandgetresource is invoked, the function forgets to handle the returned resource object, whose...

CVE-2023-52770 f2fs: split initial and dynamic conditions for extent_cache

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extentcache Let's allocate the extentcache tree without dynamic conditions to avoid a missing condition causing a panic as below. create a file w/ a compressed flag disable the...

DEBIAN-CVE-2021-47396

In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late e.g. due to vCPU scheduling, as reported b...