UBUNTU-CVE-2024-38591

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix deadlock on SRQ async events. xalock for SRQ table may be required in AEQ. Use xastoreirq/ xaeraseirq to avoid deadlock...

SUSE CVE-2024-36924

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup lpfcworkerwakeup calls the lpfcworkdone routine, which takes the hbalock. Thus, lpfcworkerwakeup should not be called while holding the hbalock to avoid potential deadlo...

DEBIAN-CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

UBUNTU-CVE-2021-47551

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again In SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch already been called, the startcpsch will not be called since the...

SUSE CVE-2023-52770

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extentcache Let's allocate the extentcache tree without dynamic conditions to avoid a missing condition causing a panic as below. create a file w/ a compressed flag disable the...

kernel: ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent

In the Linux kernel, the following vulnerability has been resolved: ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent Commit 0c80f9e165f8 "ACPI: PPTT: Leave the table mapped for the runtime usage" enabled to map PPTT once on the first invocation of acpigetpptt and never...

DEBIAN-CVE-2021-47446

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a4xx: fix error handling in a4xxgpuinit This code returns 1 on error instead of a negative error. It leads to an Oops in the caller. A second problem is that the check for "if ret != -ENODATA" cannot be true because "ret"...

UBUNTU-CVE-2024-35957

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARNON in iommu probe path Commit 1a75cc710b95 "iommu/vt-d: Use rbtree to track iommu probed devices" adds all devices probed by the iommu driver in a rbtree indexed by the source ID of each device. It assumes tha...

DEBIAN-CVE-2024-35861

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifssignalcifsdforreconnect Skip sessions that are being teared down status == SESEXITING to avoid UAF...

SUSE CVE-2024-26976

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

CVE-2024-26933

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port "disable" sysfs attribute The show and store callback routines for the "disable" sysfs attribute file in port.c acquire the device lock for the port's parent hub device. This can cause problems if...

DEBIAN-CVE-2024-27031

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside nfsnetfsissueread currently does not disable interrupts while iterating through pages in the xarray to submit for NFS read. This is not safe though...

UBUNTU-CVE-2024-27032

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULTBLOCK is on, it is possible that f2fsreservenewblock will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 a...

UBUNTU-CVE-2024-27031

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside nfsnetfsissueread currently does not disable interrupts while iterating through pages in the xarray to submit for NFS read. This is not safe though...

CVE-2024-27032 f2fs: fix to avoid potential panic during recovery

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULTBLOCK is on, it is possible that f2fsreservenewblock will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 a...

CVE-2024-27032

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULTBLOCK is on, it is possible that f2fsreservenewblock will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 a...

UBUNTU-CVE-2024-27003

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clksummary Similar to the previous commit, we should make sure that all devices are runtime resumed before printing the clksummary through debugfs. Failure to do so would result in a...

DEBIAN-CVE-2022-48658

In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver a malware called SSLoad. The campaign, codenamed FROZENSHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software...

Using the LockBit builder to generate targeted ransomware

The previous Kaspersky research focused on a detailed analysis of the LockBit 3.0 builder leaked in 2022. Since then, attackers have been able to generate customized versions of the threat according to their needs. This opens up numerous possibilities for malicious actors to make their attacks mo...