461 matches found
CVE-2024-56730 net/9p/usbg: fix handling of the failed kzalloc() memory allocation
In the Linux kernel, the following vulnerability has been resolved: net/9p/usbg: fix handling of the failed kzalloc memory allocation On the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the following error report: ./net/9p/transusbg.c:912:5-11: ERROR: allocation function on...
SUSE CVE-2024-56681
In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahashhmacinit function The ahashinit functions may return fails. The ahashhmacinit should not return ok when ahashinit returns error. For an example, ahashinit will return -ENOMEM when...
CVE-2024-56681
In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahashhmacinit function The ahashinit functions may return fails. The ahashhmacinit should not return ok when ahashinit returns error. For an example, ahashinit will return -ENOMEM when...
DEBIAN-CVE-2024-56681
In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahashhmacinit function The ahashinit functions may return fails. The ahashhmacinit should not return ok when ahashinit returns error. For an example, ahashinit will return -ENOMEM when...
CVE-2024-56697 drm/amdgpu: Fix the memory allocation issue in amdgpu_discovery_get_nps_info()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the memory allocation issue in amdgpudiscoverygetnpsinfo Fix two issues with memory allocation in amdgpudiscoverygetnpsinfo for memranges: - Add a check for allocation failure to avoid dereferencing a null pointer...
CVE-2024-56681
In CVE-2024-56681, the Linux kernel vulnerability concerns the crypto/bcm driver: the ahash_hmac_init function did not account for errors from the underlying ahash_init, potentially returning OK when the init failed (e.g., -ENOMEM). The issue is fixed by adding an error check to ensure ahash_hmac...
CVE-2024-56681 crypto: bcm - add error check in the ahash_hmac_init function
In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahashhmacinit function The ahashinit functions may return fails. The ahashhmacinit should not return ok when ahashinit returns error. For an example, ahashinit will return -ENOMEM when...
CVE-2024-56584
In the Linux kernel, the following vulnerability has been resolved: iouring/tctx: work around xastore allocation error issue syzbot triggered the following WARNON: WARNING: CPU: 0 PID: 16 at iouring/tctx.c:51 iouringfree+0xfa/0x140 iouring/tctx.c:51 which is the WARNONONCE!xaempty&tctx-xa; sanity...
CVE-2024-56584 io_uring/tctx: work around xa_store() allocation error issue
In the Linux kernel, the following vulnerability has been resolved: iouring/tctx: work around xastore allocation error issue syzbot triggered the following WARNON: WARNING: CPU: 0 PID: 16 at iouring/tctx.c:51 iouringfree+0xfa/0x140 iouring/tctx.c:51 which is the WARNONONCE!xaempty&tctx-xa; sanity...
CVE-2024-56584
CVE-2024-56584 concerns the Linux kernel: a flaw in io_uring/tctx could leave tctx->xa head non-NULL after xa_store() allocation failures, even when there are no entries. Syzbot WARN_ON_ONCE(!xa_empty(&tctx->xa)) could trigger during final put of an io_uring_task. The available documents de...
CVE-2024-56584
In the Linux kernel, the following vulnerability has been resolved: iouring/tctx: work around xastore allocation error issue syzbot triggered the following WARNON: WARNING: CPU: 0 PID: 16 at iouring/tctx.c:51 iouringfree+0xfa/0x140 iouring/tctx.c:51 which is the WARNONONCE!xaempty&tctx-xa; sanity...
CVE-2024-56584 io_uring/tctx: work around xa_store() allocation error issue
In the Linux kernel, the following vulnerability has been resolved: iouring/tctx: work around xastore allocation error issue syzbot triggered the following WARNON: WARNING: CPU: 0 PID: 16 at iouring/tctx.c:51 iouringfree+0xfa/0x140 iouring/tctx.c:51 which is the WARNONONCE!xaempty&tctx-xa; sanity...
DEBIAN-CVE-2024-56535
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btcfwsetmonreg kmalloc may fail, return value might be NULL and will cause NULL pointer dereference. Add check NULL return of kmalloc in btcfwsetmonreg...
QNAP Notes Station 安全漏洞
QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from a Resource Privilege Assignment Error vulnerability that stems from the...
DEBIAN-CVE-2024-50209
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Add a check for memory allocation allocpbl can return error when memory allocation fails. Driver is not checking the status on one of the instances...
DEBIAN-CVE-2024-50120
In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3reconfigure, after duplicating ctx-password and ctx-password2 with kstrdup, we need to check for allocation failures. If ses-password allocation fails, return -ENOMEM. If...
CVE-2024-49884 ext4: fix slab-use-after-free in ext4_split_extent_at()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4splitextentat We hit the following use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ext4splitextentat+0xba8/0xcc0 Read of...
nouveau/dmem: handle kcalloc() allocation failure
...
SUSE CVE-2024-42241
In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...