125 matches found
CVE-2024-42315
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on exfatgetdentryset When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetentryset. The problem is that the bh-array is allocated with GFPKERNEL. It does n...
CVE-2024-41081
A race condition flaw was found in the Linux kernel's IP Last Anomaly ILA subsystem. This issue occurs when the ilaoutput function, called from lwtunneloutput in process context and under RCU read lock, could be interrupted by a softirq, leading to potential corruption of dstcache data structures...
CVE-2024-43835 virtio_net: Fix napi_skb_cache_put warning
In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix napiskbcacheput warning After the commit bdacf3e34945 "net: Use nested-BH locking for napialloccache." was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451...
DEBIAN-CVE-2024-42315
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on exfatgetdentryset When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetentryset. The problem is that the bh-array is allocated with GFPKERNEL. It does n...
CVE-2024-42271
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...
CVE-2024-42271
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...
UBUNTU-CVE-2024-42315
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on exfatgetdentryset When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetentryset. The problem is that the bh-array is allocated with GFPKERNEL. It does n...
CVE-2024-42315 exfat: fix potential deadlock on __exfat_get_dentry_set
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on exfatgetdentryset When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetentryset. The problem is that the bh-array is allocated with GFPKERNEL. It does n...
CVE-2024-42306 udf: Avoid using corrupted block bitmap buffer
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while loading the bitmap and fail the allocation with error. However the next allocation from the same bitmap...
SUSE CVE-2024-41081
In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ilaoutput As explained in commit 1378817486d6 "tipc: block BH before using dstcache", net/core/dstcache.c helpers need to be called with BH disabled. ilaoutput is called from lwtunneloutput possibly from process...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...
UBUNTU-CVE-2024-41036
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851startxmitspi and ks8851irq: watchdog: BUG: soft...
CVE-2024-41081 ila: block BH in ila_output()
In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ilaoutput As explained in commit 1378817486d6 "tipc: block BH before using dstcache", net/core/dstcache.c helpers need to be called with BH disabled. ilaoutput is called from lwtunneloutput possibly from process...
CVE-2024-41081 ila: block BH in ila_output()
In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ilaoutput As explained in commit 1378817486d6 "tipc: block BH before using dstcache", net/core/dstcache.c helpers need to be called with BH disabled. ilaoutput is called from lwtunneloutput possibly from process...
CVE-2024-41081
CVE-2024-41081: Linux kernel vulnerability in ila_output() where race against softirq/RCU could corrupt net/dst_cache data if ila_output() is interrupted and re-entered under rcu_read_lock(). The root cause is attempting to block BH in ila_output() without disabling local BH, leading to potential...
CVE-2024-36962
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...
CVE-2024-36962 net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...
DEBIAN-CVE-2024-36905
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...
SUSE CVE-2024-26956
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix failure to detect DAT corruption in btree and direct mappings Patch series "nilfs2: fix kernel bug at submitbhwbc". This resolves a kernel BUG reported by syzbot. Since there are two flaws involved, I've made each one...
CVE-2024-26877
A vulnerability was found in the Linux kernel's Xilinx crypto driver. This issue is caused by failing to disable bottom halves BH when calling the cryptofinalizerequest function, leading to potential system warnings and call traces. Mitigation Mitigation for this issue is either not available or...