CVE-2023-54195

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

CVE-2023-54195

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

UBUNTU-CVE-2023-54273

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

UBUNTU-CVE-2023-54195

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

UBUNTU-CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2023-54293 bcache: fixup btree_cache_wait list damage

In the Linux kernel, the following vulnerability has been resolved: bcache: fixup btreecachewait list damage We get a kernel crash about "listadd corruption. next-prev should be prev ffff9c801bc01210, but was ffff9c77b688237c. next=ffffae586d8afe68." crash struct listhead 0xffff9c801bc01210 struc...

CVE-2023-54274 RDMA/srpt: Add a check for valid 'mad_agent' pointer

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'madagent' pointer When unregistering MAD agent, srpt module has a non-null check for 'madagent' pointer before invoking ibunregistermadagent. This check can pass if 'madagent' variable holds an...

CVE-2023-54273 xfrm: Fix leak of dev tracker

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

CVE-2023-54195

CVE-2023-54195 affects the Linux kernel’s rxrpc stack. A call that hasn’t been granted a channel could timeout prematurely because rxrpc_kernel_set_max_life() started the call timer before a connection was assigned, risking a NULL pointer dereference. The published fixes note to record timeouts i...

CVE-2023-54195 rxrpc: Fix timeout of a call that hasn't yet been granted a channel

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

CVE-2023-54195

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

CVE-2023-54195 rxrpc: Fix timeout of a call that hasn't yet been granted a channel

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

CVE-2023-54184

Summary (CVE-2023-54184) The vulnerability affects the Linux kernel SCSI target (iscsi_target_mod) where recovery entries for iSCSI sessions are freed after the session is closed, leading to use-after-free or NULL dereference during command free due to a late cleanup. The root cause is the cleanu...

CVE-2022-50821 SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails...

CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2022-50812 security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2022-50812 security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2022-50812

The CVE-2022-50812 issue affects the Linux kernel, arising from a bug in clang’s -fzero-call-used-regs implementation. The vulnerability can cause NULL pointer dereferences. The fix is to restrict CONFIG_ZERO_CALL_USED_REGS to a supported GCC version or a clang newer than 15.0.6 (and to cover the...