AZL-47604 CVE-2024-42239 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...

kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel

A use-after-free flaw was found in the Linux kernel’s BPF functionality. This flaw allows a local user to crash the system...

AZL-62510 CVE-2024-41045 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...