CVE-2022-48759 rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev

In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsgctrldev and cdev struct rpmsgctrldev contains a struct cdev. The current code frees the rpmsgctrldev struct in rpmsgctrldevreleasedevice, but the cdev is a managed object, therefo...

CVE-2022-48759

In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsgctrldev and cdev struct rpmsgctrldev contains a struct cdev. The current code frees the rpmsgctrldev struct in rpmsgctrldevreleasedevice, but the cdev is a managed object, therefo...

CVE-2024-36898

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

DEBIAN-CVE-2024-36932

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...

CVE-2024-36898

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

CVE-2024-36898

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

UBUNTU-CVE-2024-36932

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...

UBUNTU-CVE-2024-36899

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

CVE-2024-36932 thermal/debugfs: Prevent use-after-free from occurring after cdev removal

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...

CVE-2024-36932 thermal/debugfs: Prevent use-after-free from occurring after cdev removal

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...

CVE-2024-36932 thermal/debugfs: Prevent use-after-free from occurring after cdev removal

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...

CVE-2024-36932

CVE-2024-36932 pertains to the Linux kernel, where a use-after-free can occur in thermal_debugfs after cdev removal. The root cause is that thermal_debug_cdev_remove() runs without holding cdev->lock, potentially freeing the thermal_debugfs object while thermal_debug_cdev_state_update() may st...

CVE-2024-36898 gpiolib: cdev: fix uninitialised kfifo

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

CVE-2024-36898 gpiolib: cdev: fix uninitialised kfifo

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

CVE-2024-36899 gpiolib: cdev: Fix use after free in lineinfo_changed_notify

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

CVE-2024-36899 gpiolib: cdev: Fix use after free in lineinfo_changed_notify

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

CVE-2024-36898 gpiolib: cdev: fix uninitialised kfifo

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized kfifo in the gpiolib:cdev module...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a post-release use in the gpiolib:cdev module lineinfochangednotify...

kernel: gpiolib: cdev: fix NULL-pointer dereferences

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO character device's...