6 matches found
AZL-55203 CVE-2024-56694 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: bpf: fix recursive lock when verdict program return SKPASS When the streamverdict program returns SKPASS, it places the received skb into its own receive queue, but a recursive lock eventually occurs, leading to an operating syst...
AZL-55584 CVE-2024-56601 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...
AZL-55588 CVE-2024-56603 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...
AZL-55552 CVE-2024-53237 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in deviceforeachchild Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in deviceforeachchild+0x18f/0x1a0 Read of size 8 at addr ffff88801f605308 by task kbnepd bnep0/498...
AZL-54087 CVE-2024-53142 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
AZL-46994 CVE-2024-39494 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name -dname.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it -dlock on dentry, -dlock on its parent, -irwsem exclusive on th...