AZL-53057 CVE-2024-50217 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of block device file in btrfsfreeextradevids Mounting btrfs from two images which have the same one fsid and two different devuuids in certain executing order may trigger an UAF for variable...

UBUNTU-CVE-2024-50217

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of block device file in btrfsfreeextradevids Mounting btrfs from two images which have the same one fsid and two different devuuids in certain executing order may trigger an UAF for variable...

UBUNTU-CVE-2024-50187

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...

CVE-2024-50187 drm/vc4: Stop the active perfmon before being destroyed

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...

CVE-2024-50154

A use-after-free UAF vulnerability was found and fixed in the Linux kernel's TCP subsystem related to request socket reqsk timers during handshake handling. This issue stems from a race condition caused by relying on timerpending in reqskqueueunlink. This could result in the timer continuing to r...

PT-2024-35548

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the drm/imagination component. The issue occurs when remaining resources are being cleaned up on driver close, and...

AZL-51822 CVE-2024-49769 affecting package python-waitress 1.4.4-7

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

CVE-2024-50613

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

AZL-51909 CVE-2024-50613 affecting package libsndfile 1.2.2-4

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

DEBIAN-CVE-2024-50613

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

PT-2024-34359 · Unknown +1 · Libsndfile +1

Name of the Vulnerable Software and Affected Versions: libsndfile versions 1.2.2 and earlier Description: The issue is related to a reachable assertion in the mpeg l3 encode.c file, specifically in the mpeg l3 encoder close function, which may lead to application exit. Recommendations: For...

SUSE CVE-2024-49998

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

SUSE CVE-2022-49018

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

CVE-2022-49018

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

DEBIAN-CVE-2022-49018

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

UBUNTU-CVE-2022-48984

In the Linux kernel, the following vulnerability has been resolved: can: slcan: fix freed work crash The LTP test pty03 is causing a crash in slcan: BUG: kernel NULL pointer dereference, address: 0000000000000008 PF: supervisor read access in kernel mode PF: errorcode0x0000 - not-present page PGD...

CVE-2022-49018

CVE-2022-49018 involves a Linux kernel bug where a sleep in atomic context occurred during mptcp_close. The CVE entries in the provided documents confirm the issue was resolved by replacing the fast socket lock variant with sock_lock_nested() in the mptcp_close path (net/mptcp/protocol.c: close f...

CVE-2022-49018 mptcp: fix sleep in atomic at close time

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

CVE-2022-49018 mptcp: fix sleep in atomic at close time

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

AZL-51966 CVE-2024-49998 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...