CVE-2024-26774

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mbupdateavgfragmentsize when block bitmap corrupt Determine if bbfragments is 0 instead of determining bbfree to eliminate the risk of dividing by zero when the block bitmap is corrupted...

CVE-2024-26773 ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound Determine if the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to avoid allocating blocks from a group with a corrupted block...

CVE-2024-26773 ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound Determine if the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to avoid allocating blocks from a group with a corrupted block...

CVE-2024-26773

Summary (CVE-2024-26773): The Linux kernel ext4 allocator could allocate blocks from a group whose block bitmap was corrupted, due to a concurrency window where ac_b_ex was used in ext4_mb_try_best_found(). The issue was tied to validating whether a group bitmap is corrupted before block allocati...

CVE-2024-26773

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound Determine if the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to avoid allocating blocks from a group with a corrupted block...

CVE-2024-26772

CVE-2024-26772 describes a Linux kernel vulnerability in ext4 where block allocations could come from a corrupted group bitmap. The fix moves the group bitmap integrity check under the group lock in ext4_mb_find_by_goal(), ensuring that blocks are not allocated from a group whose bitmap is corrup...

CVE-2024-26772 ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...

CVE-2024-26772

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...

Medium: python-pillow

Issue Overview: Affected versions of this package are vulnerable to Denial of Service DoS when using arbitrary strings as text input and the number of characters passed into PIL.ImageFont.ImageFont.getmask is over a certain limit. This can lead to a system crash. Affected versions of this package...

[SECURITY] Fedora 40 Update: fontforge-20230101-11.fc40

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

SUSE CVE-2021-47127

In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...

CVE-2021-47127

In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...

CVE-2021-47127

In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...

CVE-2021-47127 ice: track AF_XDP ZC enabled queues in bitmap

In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...

CVE-2021-47127 ice: track AF_XDP ZC enabled queues in bitmap

In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...

CVE-2021-47127

CVE-2021-47127: The Linux kernel AF_XDP copy-mode Tx regression (introduced by commit that removed xsk_buff_pool from VSI) is fixed by adding a bitmap of zero-copy queues. Each bit corresponds to a queue where an xsk pool is configured; the bitmap is updated in ice_xsk_pool_en/disable and consult...

CLSA-2024-1709839661 Fix CVE(s): CVE-2023-5341

SECURITY UPDATE: Heap use-after-free flaw in coders/bmp.c in ImageMagick - debian/patches/CVE-2023-5341.patch: Check BMP file size to fix ImproperImageHeader caused by poc provided by Hardik Shah of Vehere Dawn Treaders team - CVE-2023-5341...

USN-6653-4 linux-gke vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

SUSE CVE-2021-46950

In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being cleared. Since we...

USN-6653-3 linux-lowlatency vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...