DEBIAN-CVE-2024-46790

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: mark codetags for poisoned page as empty When PGhwpoison pages are freed they are treated differently in freepagesprepare and instead of being released they are isolated. Page allocation tag counters are decrement...

DEBIAN-CVE-2024-46789

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s-flags in the alloctaggingslabfreehook When enable CONFIGMEMCG & CONFIGKFENCE & CONFIGKMEMLEAK, the following warning always occurs,This is because the following call stack occurred: mempoolalloc...

UBUNTU-CVE-2024-46789

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s-flags in the alloctaggingslabfreehook When enable CONFIGMEMCG & CONFIGKFENCE & CONFIGKMEMLEAK, the following warning always occurs,This is because the following call stack occurred: mempoolalloc...

SUSE CVE-2024-45001

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf allocsize alignment and atomic op panic The MANA driver's RX buffer allocsize is passed into napibuildskb to create SKB. skbshinfoskb is located at the end of skb, and its alignment is affected by the...

DEBIAN-CVE-2024-45001

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf allocsize alignment and atomic op panic The MANA driver's RX buffer allocsize is passed into napibuildskb to create SKB. skbshinfoskb is located at the end of skb, and its alignment is affected by the...

UBUNTU-CVE-2024-45001

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf allocsize alignment and atomic op panic The MANA driver's RX buffer allocsize is passed into napibuildskb to create SKB. skbshinfoskb is located at the end of skb, and its alignment is affected by the...

AZL-49307 CVE-2024-44947 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fusenotifystore, unlike fusedoreadpage, does not enable page zeroing because it can be used to change partial page contents. So fusenotifystore must be more carefu...

CVE-2024-44947

In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fusenotifystore, unlike fusedoreadpage, does not enable page zeroing because it can be used to change partial page contents. So fusenotifystore must be more carefu...

UBUNTU-CVE-2024-44947

In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fusenotifystore, unlike fusedoreadpage, does not enable page zeroing because it can be used to change partial page contents. So fusenotifystore must be more carefu...

CVE-2023-52910

An integer overflow vulnerability was found in the Linux kernel. If iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi will overflow. As a result, if the retry logic is executed, lowpfn is updated to 0, and then newpfn lowpfn returns false to make the allocation...

DEBIAN-CVE-2023-52910

In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In allocandinsertiovarange, there is an issue that retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi + 1 will overflo...

CVE-2023-52910

In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In allocandinsertiovarange, there is an issue that retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi + 1 will overflo...

CVE-2023-52910 iommu/iova: Fix alloc iova overflows issue

In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In allocandinsertiovarange, there is an issue that retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi + 1 will overflo...

DEBIAN-CVE-2024-43871

In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devmfreepercpu It will cause memory leakage when use driver API devmfreepercpu to free memory allocated by devmallocpercpu, fixed by using devresrelease instead of devresdestroy...

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

UBUNTU-CVE-2024-42254

In the Linux kernel, the following vulnerability has been resolved: iouring: fix error pbuf checking Syz reports a problem, which boils down to NULL vs ISERR inconsistent error handling in ioallocpbufring. KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007 RIP:...

DEBIAN-CVE-2024-41098

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ataportalloc call in atahostalloc fails, atahostrelease will get called. However, the code in atahostrelease tries to free ataport struct members unconditionally, whi...

AZL-47465 CVE-2024-41087 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ataportalloc call in atahostalloc fails, we will jump to the errout label, which will call devresreleasegroup. devresreleasegroup will trigger a call to atahostrelease...

UBUNTU-CVE-2024-41087

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ataportalloc call in atahostalloc fails, we will jump to the errout label, which will call devresreleasegroup. devresreleasegroup will trigger a call to atahostrelease...

SUSE CVE-2022-48821

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput on failed usercopy If the copy back to userland fails for the FASTRPCIOCTLALLOCDMABUFF ioctl, we shouldn't assume that 'buf-dmabuf' is still valid. In fact, dmabuffd called fdinstall before, i.e...